CVE-2022-31226 - OpenCVE

Dell BIOS versions contain a Stack-based Buffer Overflow vulnerability. A local authenticated malicious user could potentially exploit this vulnerability by sending excess data to a function in order to gain arbitrary code execution on the system.

Attack Vector Local

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

No CVSS v3.0

No CVSS v2

Vendors & Products
CPE Configurations

Vendors	Products
Dell	Vostro 7620 Xps 17 9720 Firmware Optiplex 7400 Firmware Inspiron 16 Plus 7620 Inspiron 3910 Firmware Inspiron 16 Plus 7620 Firmware Inspiron 5620 Precision 3460 Small Form Factor Precision 5770 Firmware Vostro 5620 Optiplex 7000 Firmware Inspiron 5320 Firmware Xps 17 9720 Optiplex 7400 Vostro 3910 Firmware Chengming 3900 Firmware Inspiron 5620 Firmware Optiplex 3000 Thin Client Optiplex 5000 Optiplex 5000 Firmware Precision 3660 Tower Vostro 3710 Firmware Inspiron 7420 Firmware Vostro 3910 Optiplex 7000 Oem Firmware Vostro 7620 Firmware Precision 3460 Small Form Factor Firmware Vostro 5320 Firmware Inspiron 7620 Inspiron 14 Plus 7420 Firmware Vostro 3710 Optiplex 7000 Vostro 5620 Firmware Optiplex 5400 Firmware Inspiron 3910 Inspiron 14 Plus 7420 Inspiron 5420 Firmware Vostro 5320 Chengming 3900 Optiplex 7000 Oem Precision 3660 Tower Firmware Inspiron 5320 Optiplex 5400 Inspiron 7420 Precision 5770 Optiplex 3000 Optiplex 3000 Thin Client Firmware Optiplex 3000 Firmware Inspiron 7620 Firmware Inspiron 5420

Configuration 1 [-]

AND

cpe:2.3:o:dell:chengming_3900_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:dell:chengming_3900:-:*:*:*:*:*:*:*

Configuration 2 [-]

AND

cpe:2.3:o:dell:inspiron_14_plus_7420_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:dell:inspiron_14_plus_7420:-:*:*:*:*:*:*:*

Configuration 3 [-]

AND

cpe:2.3:o:dell:inspiron_16_plus_7620_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:dell:inspiron_16_plus_7620:-:*:*:*:*:*:*:*

Configuration 4 [-]

AND

cpe:2.3:o:dell:inspiron_3910_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:dell:inspiron_3910:-:*:*:*:*:*:*:*

Configuration 5 [-]

AND

cpe:2.3:o:dell:inspiron_5320_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:dell:inspiron_5320:-:*:*:*:*:*:*:*

Configuration 6 [-]

AND

cpe:2.3:o:dell:inspiron_5420_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:dell:inspiron_5420:-:*:*:*:*:*:*:*

Configuration 7 [-]

AND

cpe:2.3:o:dell:inspiron_5620_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:dell:inspiron_5620:-:*:*:*:*:*:*:*

Configuration 8 [-]

AND

cpe:2.3:o:dell:inspiron_7420_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:dell:inspiron_7420:-:*:*:*:*:*:*:*

Configuration 9 [-]

AND

cpe:2.3:o:dell:inspiron_7620_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:dell:inspiron_7620:-:*:*:*:*:*:*:*

Configuration 10 [-]

AND

cpe:2.3:o:dell:optiplex_3000_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:dell:optiplex_3000:-:*:*:*:*:*:*:*

Configuration 11 [-]

AND

cpe:2.3:o:dell:optiplex_3000_thin_client_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:dell:optiplex_3000_thin_client:-:*:*:*:*:*:*:*

Configuration 12 [-]

AND

cpe:2.3:o:dell:optiplex_5000_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:dell:optiplex_5000:-:*:*:*:*:*:*:*

Configuration 13 [-]

AND

cpe:2.3:o:dell:optiplex_5400_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:dell:optiplex_5400:-:*:*:*:*:*:*:*

Configuration 14 [-]

AND

cpe:2.3:o:dell:optiplex_7000_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:dell:optiplex_7000:-:*:*:*:*:*:*:*

Configuration 15 [-]

AND

cpe:2.3:o:dell:optiplex_7000_oem_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:dell:optiplex_7000_oem:-:*:*:*:*:*:*:*

Configuration 16 [-]

AND

cpe:2.3:o:dell:optiplex_7400_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:dell:optiplex_7400:-:*:*:*:*:*:*:*

Configuration 17 [-]

AND

cpe:2.3:o:dell:precision_3460_small_form_factor_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:dell:precision_3460_small_form_factor:-:*:*:*:*:*:*:*

Configuration 18 [-]

AND

cpe:2.3:o:dell:precision_3660_tower_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:dell:precision_3660_tower:-:*:*:*:*:*:*:*

Configuration 19 [-]

AND

cpe:2.3:o:dell:precision_5770_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:dell:precision_5770:-:*:*:*:*:*:*:*

Configuration 20 [-]

AND

cpe:2.3:o:dell:vostro_3710_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:dell:vostro_3710:-:*:*:*:*:*:*:*

Configuration 21 [-]

AND

cpe:2.3:o:dell:vostro_3910_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:dell:vostro_3910:-:*:*:*:*:*:*:*

Configuration 22 [-]

AND

cpe:2.3:o:dell:vostro_5320_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:dell:vostro_5320:-:*:*:*:*:*:*:*

Configuration 23 [-]

AND

cpe:2.3:o:dell:vostro_5620_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:dell:vostro_5620:-:*:*:*:*:*:*:*

Configuration 24 [-]

AND

cpe:2.3:o:dell:vostro_7620_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:dell:vostro_7620:-:*:*:*:*:*:*:*

Configuration 25 [-]

AND

cpe:2.3:o:dell:xps_17_9720_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:dell:xps_17_9720:-:*:*:*:*:*:*:*

References

Link	Resource
https://www.dell.com/support/kbdoc/000202196	Patch Vendor Advisory

History

No history.

MITRE Information

Status: PUBLISHED

Assigner: dell

Published: 2022-08-05T00:00:00

Updated: 2022-09-12T18:35:22

Reserved: 2022-05-19T00:00:00

Link: CVE-2022-31226

JSON object: View

NVD Information

Status : Analyzed

Published: 2022-09-12T19:15:09.390

Modified: 2022-09-15T19:25:34.703

Link: CVE-2022-31226

JSON object: View

Redhat Information

No data.

CWE