CVE-2022-24416: Buffer Overflow
First published: Fri Mar 11 2022(Updated: )
Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user may potentially exploit this vulnerability by using an SMI to gain arbitrary code execution during SMM.
Credit: security_alert@emc.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Dell Alienware 13 R3 Firmware | <1.16.1 | |
| Dell Alienware 13 R3 Firmware | ||
| Dell Alienware 15 R3 Firmware | <1.16.1 | |
| Dell Alienware 15 R3 Firmware | ||
| Dell Alienware 15 R4 Firmware | <1.17.0 | |
| Dell Alienware 15 R4 Firmware | ||
| Dell Alienware M17xr4 | <1.16.1 | |
| Dell Alienware 17 R4 Firmware | ||
| Dell Alienware 17 R5 | <1.17.0 | |
| Dell Alienware m17 R5 | ||
| Dell Alienware Area 51m R1 Firmware | <1.18.0 | |
| Dell Alienware Area 51m R1 Firmware | ||
| Dell Alienware Area 51m R2 Firmware | <1.13.0 | |
| Dell Alienware Area 51m R2 Firmware | ||
| Dell Alienware Aurora R8 | <1.0.20 | |
| Dell Alienware Aurora R8 | ||
| Dell Alienware m15 R2 Firmware | <1.12.0 | |
| Dell Alienware m15 R2 Firmware | ||
| Dell Alienware m15 R3 Firmware | <1.14.0 | |
| Dell Alienware 15 R3 | ||
| Dell Alienware M15 R4 Firmware | <1.8.0 | |
| Dell Alienware M15 R4 Firmware | ||
| Dell Alienware m17 R2 firmware | <1.12.0 | |
| Dell Alienware m17 R2 firmware | ||
| Dell Alienware m17 R3 firmware | <1.14.0 | |
| Dell Alienware m17 R3 firmware | ||
| Dell Alienware M17xr4 | <1.8.0 | |
| Dell Alienware M17xr4 | ||
| Dell Alienware x15 R1 Firmware | <1.7.0 | |
| Dell Alienware x15 R1 Firmware | ||
| Dell Alienware X17 R1 Firmware | <1.7.0 | |
| Dell Alienware X17 R1 Firmware | ||
| ETG3000 FactoryCast HMI Gateway Firmware | <1.7.0 | |
| Dell Edge Gateway 3000 | ||
| Dell Edge Gateway 5000 firmware | <1.17.0 | |
| Dell Edge Gateway 5000 firmware | ||
| Dell Edge Gateway 5100 | <1.17.0 | |
| Dell Edge Gateway 5100 firmware | ||
| Dell Embedded Box PC 3000 Firmware | <1.13.0 | |
| Dell Embedded Box PC 3000 Firmware | ||
| Dell Embedded Box PC 5000 | <1.14.0 | |
| Dell Embedded Box PC 5000 | ||
| Dell Inspiron 14 3473 Firmware | <1.14.0 | |
| Dell Inspiron 14 3473 Firmware | ||
| Dell Inspiron 15 3573 Firmware | <1.14.0 | |
| Dell Inspiron 15 3573 Firmware | ||
| Dell Inspiron 5566 Firmware | <1.18.0 | |
| Dell Inspiron 5566 Firmware | ||
| Dell Inspiron 3277 AIO Firmware | <1.19.0 | |
| Dell Inspiron 3277 Firmware | ||
| Dell Inspiron 3465 | <1.12.0 | |
| Dell Inspiron 3465 Firmware | ||
| Dell Inspiron 3477 AIO Firmware | <1.19.0 | |
| Dell Inspiron 3477 Firmware | ||
| Dell Inspiron 3482 Firmware | <1.13.0 | |
| Dell Inspiron 3482 Firmware | ||
| Dell Inspiron 3502 Firmware | <1.7.0 | |
| Dell Inspiron 3502 Firmware | ||
| Dell Inspiron 15 3510 Firmware | <1.6.0 | |
| Dell Inspiron 15 3510 | ||
| Dell Inspiron 3565 Firmware | <1.12.0 | |
| Dell Inspiron 3565 Firmware | ||
| Dell Inspiron 3582 Firmware | <1.13.0 | |
| Dell Inspiron 3582 Firmware | ||
| Dell Inspiron 3782 Firmware | <1.13.0 | |
| Dell Inspiron 3782 | ||
| Dell Latitude 3379 Firmware | <1.0.34 | |
| Dell Latitude 3379 Firmware | ||
| Dell Vostro 14 5468 | <1.19.0 | |
| Dell Vostro 5468 | ||
| Dell Vostro 15 5568 Firmware | <1.19.0 | |
| Dell Vostro 15 5568 Firmware | ||
| Dell Vostro 3267 Firmware | <1.20.0 | |
| Dell Vostro 3267 Firmware | ||
| Dell Vostro 3268 Firmware | <1.20.0 | |
| Dell Vostro 3268 Firmware | ||
| Dell Vostro 3572 Firmware | <1.14.0 | |
| Dell Vostro 3572 Firmware | ||
| Dell Vostro 3582 Firmware | <1.13.0 | |
| Dell Vostro 3582 Firmware | ||
| Dell Vostro 3660 firmware | <1.20.0 | |
| Dell Vostro 3660 firmware | ||
| Dell Vostro 3667 Firmware | <1.20.0 | |
| Dell Vostro 3667 Firmware | ||
| Dell Vostro 3668 Firmware | <1.20.0 | |
| Dell Vostro 3668 Firmware | ||
| Dell Vostro 3669 Firmware | <1.20.0 | |
| Dell Vostro 3669 Firmware | ||
| Dell Wyse 7040 Thin Firmware | <1.15.0 | |
| Dell Wyse 7040 | ||
| Dell XPS 8930 Firmware | <1.1.21 | |
| Dell XPS 8930 Firmware |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Frequently Asked Questions
What is the severity of CVE-2022-24416?
CVE-2022-24416 is rated as a high-severity vulnerability due to the potential for arbitrary code execution.
How do I fix CVE-2022-24416?
To fix CVE-2022-24416, it is recommended to update the affected Dell BIOS versions to the latest versions provided by Dell.
Who is affected by CVE-2022-24416?
CVE-2022-24416 affects various Dell Alienware models, including Alienware 13 R3, 15 R3/R4, 17 R4/R5, and several others.
What type of vulnerability is CVE-2022-24416?
CVE-2022-24416 is an improper input validation vulnerability that may allow local authenticated users to execute arbitrary code.
Can CVE-2022-24416 be exploited remotely?
CVE-2022-24416 is not a remotely exploitable vulnerability as it requires local authenticated access to exploit.
- agent/weakness
- agent/type
- agent/references
- agent/author
- agent/severity
- agent/description
- collector/mitre-cve
- source/MITRE
- agent/last-modified-date
- agent/first-publish-date
- agent/event
- agent/source
- agent/softwarecombine
- agent/tags
- collector/nvd-index
- agent/software-canonical-lookup-request
- vendor/dell
- canonical/dell alienware 13 r3 firmware
- canonical/dell alienware 15 r3 firmware
- canonical/dell alienware 15 r4 firmware
- canonical/dell alienware m17xr4
- canonical/dell alienware 17 r4 firmware
- canonical/dell alienware 17 r5
- canonical/dell alienware m17 r5
- canonical/dell alienware area 51m r1 firmware
- canonical/dell alienware area 51m r2 firmware
- canonical/dell alienware aurora r8
- canonical/dell alienware m15 r2 firmware
- canonical/dell alienware m15 r3 firmware
- canonical/dell alienware 15 r3
- canonical/dell alienware m15 r4 firmware
- canonical/dell alienware m17 r2 firmware
- canonical/dell alienware m17 r3 firmware
- canonical/dell alienware x15 r1 firmware
- canonical/dell alienware x17 r1 firmware
- canonical/etg3000 factorycast hmi gateway firmware
- canonical/dell edge gateway 3000
- canonical/dell edge gateway 5000 firmware
- canonical/dell edge gateway 5100
- canonical/dell edge gateway 5100 firmware
- canonical/dell embedded box pc 3000 firmware
- canonical/dell embedded box pc 5000
- canonical/dell inspiron 14 3473 firmware
- canonical/dell inspiron 15 3573 firmware
- canonical/dell inspiron 5566 firmware
- canonical/dell inspiron 3277 aio firmware
- canonical/dell inspiron 3277 firmware
- canonical/dell inspiron 3465
- canonical/dell inspiron 3465 firmware
- canonical/dell inspiron 3477 aio firmware
- canonical/dell inspiron 3477 firmware
- canonical/dell inspiron 3482 firmware
- canonical/dell inspiron 3502 firmware
- canonical/dell inspiron 15 3510 firmware
- canonical/dell inspiron 15 3510
- canonical/dell inspiron 3565 firmware
- canonical/dell inspiron 3582 firmware
- canonical/dell inspiron 3782 firmware
- canonical/dell inspiron 3782
- canonical/dell latitude 3379 firmware
- canonical/dell vostro 14 5468
- canonical/dell vostro 5468
- canonical/dell vostro 15 5568 firmware
- canonical/dell vostro 3267 firmware
- canonical/dell vostro 3268 firmware
- canonical/dell vostro 3572 firmware
- canonical/dell vostro 3582 firmware
- canonical/dell vostro 3660 firmware
- canonical/dell vostro 3667 firmware
- canonical/dell vostro 3668 firmware
- canonical/dell vostro 3669 firmware
- canonical/dell wyse 7040 thin firmware
- canonical/dell wyse 7040
- canonical/dell xps 8930 firmware