CVE-2022-24420 - OpenCVE

Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user may potentially exploit this vulnerability by using an SMI to gain arbitrary code execution during SMM.

Attack Vector Local

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

No CVSS v3.0

Access Vector Local

Access Complexity Low

Authentication None

Confidentiality Impact Complete

Integrity Impact Complete

Availability Impact Complete

AV:L/AC:L/Au:N/C:C/I:C/A:C

Vendors & Products
CPE Configurations

Vendors	Products
Dell	Edge Gateway 5000 Firmware Edge Gateway 5100 Alienware 15 R4 Firmware Alienware M17 R4 Firmware Inspiron 15 3573 Embedded Box Pc 5000 Alienware M17 R2 Alienware Aurora R8 Firmware Alienware Area 51m R2 Firmware Inspiron 14 3473 Alienware 15 R3 Inspiron 3465 Firmware Inspiron 3565 Firmware Alienware 13 R3 Firmware Inspiron 3277 Firmware Embedded Box Pc 3000 Xps 8930 Edge Gateway 3000 Firmware Inspiron 3582 Firmware Vostro 3572 Firmware Vostro 14 5468 Vostro 3267 Alienware M17 R4 Alienware X17 R1 Firmware Inspiron 3510 Firmware Alienware 15 R3 Firmware Alienware 13 R3 Vostro 3667 Firmware Latitude 3379 Firmware Alienware 15 R4 Embedded Box Pc 5000 Firmware Alienware 17 R4 Firmware Alienware Area 51m R1 Firmware Alienware 17 R5 Firmware Alienware M15 R2 Firmware Vostro 3268 Firmware Alienware X15 R1 Inspiron 3477 Alienware 17 R5 Vostro 3668 Edge Gateway 5100 Firmware Inspiron 3782 Firmware Alienware 17 R4 Vostro 15 5568 Alienware M15 R4 Firmware Vostro 3572 Inspiron 3482 Firmware Edge Gateway 5000 Vostro 3267 Firmware Alienware M15 R3 Firmware Inspiron 15 5566 Inspiron 3482 Vostro 3582 Inspiron 14 3473 Firmware Inspiron 3582 Alienware Aurora R8 Inspiron 15 3573 Firmware Alienware Area 51m R1 Alienware M17 R3 Edge Gateway 3000 Inspiron 3502 Firmware Vostro 15 5568 Firmware Alienware Area 51m R2 Vostro 3669 Vostro 3582 Firmware Vostro 3667 Inspiron 3565 Inspiron 3465 Vostro 3660 Firmware Embedded Box Pc 3000 Firmware Inspiron 3782 Inspiron 15 5566 Firmware Vostro 3669 Firmware Alienware M17 R3 Firmware Vostro 3668 Firmware Alienware M15 R3 Wyse 7040 Thin Client Inspiron 3502 Vostro 3268 Alienware M17 R2 Firmware Wyse 7040 Thin Client Firmware Alienware M15 R2 Alienware X15 R1 Firmware Alienware X17 R1 Alienware M15 R4 Vostro 14 5468 Firmware Inspiron 3510 Inspiron 3477 Firmware Inspiron 3277 Latitude 3379 Xps 8930 Firmware Vostro 3660

Configuration 1 [-]

AND

cpe:2.3:o:dell:alienware_13_r3_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:dell:alienware_13_r3:-:*:*:*:*:*:*:*

Configuration 2 [-]

AND

cpe:2.3:o:dell:alienware_15_r3_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:dell:alienware_15_r3:-:*:*:*:*:*:*:*

Configuration 3 [-]

AND

cpe:2.3:o:dell:alienware_15_r4_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:dell:alienware_15_r4:-:*:*:*:*:*:*:*

Configuration 4 [-]

AND

cpe:2.3:o:dell:alienware_17_r4_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:dell:alienware_17_r4:-:*:*:*:*:*:*:*

Configuration 5 [-]

AND

cpe:2.3:o:dell:alienware_17_r5_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:dell:alienware_17_r5:-:*:*:*:*:*:*:*

Configuration 6 [-]

AND

cpe:2.3:o:dell:alienware_area_51m_r1_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:dell:alienware_area_51m_r1:-:*:*:*:*:*:*:*

Configuration 7 [-]

AND

cpe:2.3:o:dell:alienware_area_51m_r2_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:dell:alienware_area_51m_r2:-:*:*:*:*:*:*:*

Configuration 8 [-]

AND

cpe:2.3:o:dell:alienware_aurora_r8_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:dell:alienware_aurora_r8:-:*:*:*:*:*:*:*

Configuration 9 [-]

AND

cpe:2.3:o:dell:alienware_m15_r2_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:dell:alienware_m15_r2:-:*:*:*:*:*:*:*

Configuration 10 [-]

AND

cpe:2.3:o:dell:alienware_m15_r3_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:dell:alienware_m15_r3:-:*:*:*:*:*:*:*

Configuration 11 [-]

AND

cpe:2.3:o:dell:alienware_m15_r4_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:dell:alienware_m15_r4:-:*:*:*:*:*:*:*

Configuration 12 [-]

AND

cpe:2.3:o:dell:alienware_m17_r2_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:dell:alienware_m17_r2:-:*:*:*:*:*:*:*

Configuration 13 [-]

AND

cpe:2.3:o:dell:alienware_m17_r3_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:dell:alienware_m17_r3:-:*:*:*:*:*:*:*

Configuration 14 [-]

AND

cpe:2.3:o:dell:alienware_m17_r4_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:dell:alienware_m17_r4:-:*:*:*:*:*:*:*

Configuration 15 [-]

AND

cpe:2.3:o:dell:alienware_x15_r1_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:dell:alienware_x15_r1:-:*:*:*:*:*:*:*

Configuration 16 [-]

AND

cpe:2.3:o:dell:alienware_x17_r1_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:dell:alienware_x17_r1:-:*:*:*:*:*:*:*

Configuration 17 [-]

AND

cpe:2.3:o:dell:edge_gateway_3000_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:dell:edge_gateway_3000:-:*:*:*:*:*:*:*

Configuration 18 [-]

AND

cpe:2.3:o:dell:edge_gateway_5000_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:dell:edge_gateway_5000:-:*:*:*:*:*:*:*

Configuration 19 [-]

AND

cpe:2.3:o:dell:edge_gateway_5100_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:dell:edge_gateway_5100:-:*:*:*:*:*:*:*

Configuration 20 [-]

AND

cpe:2.3:o:dell:embedded_box_pc_3000_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:dell:embedded_box_pc_3000:-:*:*:*:*:*:*:*

Configuration 21 [-]

AND

cpe:2.3:o:dell:embedded_box_pc_5000_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:dell:embedded_box_pc_5000:-:*:*:*:*:*:*:*

Configuration 22 [-]

AND

cpe:2.3:o:dell:inspiron_14_3473_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:dell:inspiron_14_3473:-:*:*:*:*:*:*:*

Configuration 23 [-]

AND

cpe:2.3:o:dell:inspiron_15_3573_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:dell:inspiron_15_3573:-:*:*:*:*:*:*:*

Configuration 24 [-]

AND

cpe:2.3:o:dell:inspiron_15_5566_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:dell:inspiron_15_5566:-:*:*:*:*:*:*:*

Configuration 25 [-]

AND

cpe:2.3:o:dell:inspiron_3277_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:dell:inspiron_3277:-:*:*:*:*:*:*:*

Configuration 26 [-]

AND

cpe:2.3:o:dell:inspiron_3465_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:dell:inspiron_3465:-:*:*:*:*:*:*:*

Configuration 27 [-]

AND

cpe:2.3:o:dell:inspiron_3477_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:dell:inspiron_3477:-:*:*:*:*:*:*:*

Configuration 28 [-]

AND

cpe:2.3:o:dell:inspiron_3482_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:dell:inspiron_3482:-:*:*:*:*:*:*:*

Configuration 29 [-]

AND

cpe:2.3:o:dell:inspiron_3502_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:dell:inspiron_3502:-:*:*:*:*:*:*:*

Configuration 30 [-]

AND

cpe:2.3:o:dell:inspiron_3510_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:dell:inspiron_3510:-:*:*:*:*:*:*:*

Configuration 31 [-]

AND

cpe:2.3:o:dell:inspiron_3565_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:dell:inspiron_3565:-:*:*:*:*:*:*:*

Configuration 32 [-]

AND

cpe:2.3:o:dell:inspiron_3582_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:dell:inspiron_3582:-:*:*:*:*:*:*:*

Configuration 33 [-]

AND

cpe:2.3:o:dell:inspiron_3782_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:dell:inspiron_3782:-:*:*:*:*:*:*:*

Configuration 34 [-]

AND

cpe:2.3:o:dell:latitude_3379_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:dell:latitude_3379:-:*:*:*:*:*:*:*

Configuration 35 [-]

AND

cpe:2.3:o:dell:vostro_14_5468_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:dell:vostro_14_5468:-:*:*:*:*:*:*:*

Configuration 36 [-]

AND

cpe:2.3:o:dell:vostro_15_5568_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:dell:vostro_15_5568:-:*:*:*:*:*:*:*

Configuration 37 [-]

AND

cpe:2.3:o:dell:vostro_3267_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:dell:vostro_3267:-:*:*:*:*:*:*:*

Configuration 38 [-]

AND

cpe:2.3:o:dell:vostro_3268_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:dell:vostro_3268:-:*:*:*:*:*:*:*

Configuration 39 [-]

AND

cpe:2.3:o:dell:vostro_3572_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:dell:vostro_3572:-:*:*:*:*:*:*:*

Configuration 40 [-]

AND

cpe:2.3:o:dell:vostro_3582_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:dell:vostro_3582:-:*:*:*:*:*:*:*

Configuration 41 [-]

AND

cpe:2.3:o:dell:vostro_3660_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:dell:vostro_3660:-:*:*:*:*:*:*:*

Configuration 42 [-]

AND

cpe:2.3:o:dell:vostro_3667_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:dell:vostro_3667:-:*:*:*:*:*:*:*

Configuration 43 [-]

AND

cpe:2.3:o:dell:vostro_3668_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:dell:vostro_3668:-:*:*:*:*:*:*:*

Configuration 44 [-]

AND

cpe:2.3:o:dell:vostro_3669_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:dell:vostro_3669:-:*:*:*:*:*:*:*

Configuration 45 [-]

AND

cpe:2.3:o:dell:wyse_7040_thin_client_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:dell:wyse_7040_thin_client:-:*:*:*:*:*:*:*

Configuration 46 [-]

AND

cpe:2.3:o:dell:xps_8930_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:dell:xps_8930:-:*:*:*:*:*:*:*

References

Link	Resource
https://www.dell.com/support/kbdoc/en-us/000197057/dsa-2022-053	Vendor Advisory

History

No history.

MITRE Information

Status: PUBLISHED

Assigner: dell

Published: 2022-03-10T00:00:00

Updated: 2022-03-11T21:45:19

Reserved: 2022-02-04T00:00:00

Link: CVE-2022-24420

JSON object: View

NVD Information

Status : Analyzed

Published: 2022-03-11T22:15:13.547

Modified: 2023-06-30T18:41:12.827

Link: CVE-2022-24420

JSON object: View

Redhat Information

No data.

CWE

CWE-119