CVE-2022-24421: Buffer Overflow
First published: Fri Mar 11 2022(Updated: )
Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user may potentially exploit this vulnerability by using an SMI to gain arbitrary code execution during SMM.
Credit: security_alert@emc.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Dell Alienware 13 R3 Firmware | <1.16.1 | |
| Dell Alienware 13 R3 | ||
| Dell Alienware 15 R3 Firmware | <1.16.1 | |
| Dell Alienware 15 R3 | ||
| Dell Alienware 15 R4 Firmware | <1.17.0 | |
| Dell Alienware 15 R4 | ||
| Dell Alienware 17 R4 Firmware | <1.16.1 | |
| Dell Alienware 17 R4 | ||
| Dell Alienware 17 R5 Firmware | <1.17.0 | |
| Dell Alienware 17 R5 | ||
| Dell Alienware Area 51m R1 Firmware | <1.18.0 | |
| Dell Alienware Area 51m R1 | ||
| Dell Alienware Area 51m R2 Firmware | <1.13.0 | |
| Dell Alienware Area 51m R2 | ||
| Dell Alienware Aurora R8 Firmware | <1.0.20 | |
| Dell Alienware Aurora R8 | ||
| Dell Alienware M15 R2 Firmware | <1.12.0 | |
| Dell Alienware M15 R2 | ||
| Dell Alienware M15 R3 Firmware | <1.14.0 | |
| Dell Alienware M15 R3 | ||
| Dell Alienware M15 R4 Firmware | <1.8.0 | |
| Dell Alienware M15 R4 | ||
| Dell Alienware M17 R2 Firmware | <1.12.0 | |
| Dell Alienware M17 R2 | ||
| Dell Alienware M17 R3 Firmware | <1.14.0 | |
| Dell Alienware M17 R3 | ||
| Dell Alienware M17 R4 Firmware | <1.8.0 | |
| Dell Alienware M17 R4 | ||
| Dell Alienware X15 R1 Firmware | <1.7.0 | |
| Dell Alienware X15 R1 | ||
| Dell Alienware X17 R1 Firmware | <1.7.0 | |
| Dell Alienware X17 R1 | ||
| Dell Edge Gateway 3000 Firmware | <1.7.0 | |
| Dell Edge Gateway 3000 | ||
| Dell Edge Gateway 5000 Firmware | <1.17.0 | |
| Dell Edge Gateway 5000 | ||
| Dell Edge Gateway 5100 Firmware | <1.17.0 | |
| Dell Edge Gateway 5100 | ||
| Dell Embedded Box Pc 3000 Firmware | <1.13.0 | |
| Dell Embedded Box Pc 3000 | ||
| Dell Embedded Box Pc 5000 Firmware | <1.14.0 | |
| Dell Embedded Box Pc 5000 | ||
| Dell Inspiron 14 3473 Firmware | <1.14.0 | |
| Dell Inspiron 14 3473 | ||
| Dell Inspiron 15 3573 Firmware | <1.14.0 | |
| Dell Inspiron 15 3573 | ||
| Dell Inspiron 15 5566 Firmware | <1.18.0 | |
| Dell Inspiron 15 5566 | ||
| Dell Inspiron 3277 Firmware | <1.19.0 | |
| Dell Inspiron 3277 | ||
| Dell Inspiron 3465 Firmware | <1.12.0 | |
| Dell Inspiron 3465 | ||
| Dell Inspiron 3477 Firmware | <1.19.0 | |
| Dell Inspiron 3477 | ||
| Dell Inspiron 3482 Firmware | <1.13.0 | |
| Dell Inspiron 3482 | ||
| Dell Inspiron 3502 Firmware | <1.7.0 | |
| Dell Inspiron 3502 | ||
| Dell Inspiron 3510 Firmware | <1.6.0 | |
| Dell Inspiron 3510 | ||
| Dell Inspiron 3565 Firmware | <1.12.0 | |
| Dell Inspiron 3565 | ||
| Dell Inspiron 3582 Firmware | <1.13.0 | |
| Dell Inspiron 3582 | ||
| Dell Inspiron 3782 Firmware | <1.13.0 | |
| Dell Inspiron 3782 | ||
| Dell Latitude 3379 Firmware | <1.0.34 | |
| Dell Latitude 3379 | ||
| Dell Vostro 14 5468 Firmware | <1.19.0 | |
| Dell Vostro 14 5468 | ||
| Dell Vostro 15 5568 Firmware | <1.19.0 | |
| Dell Vostro 15 5568 | ||
| Dell Vostro 3267 Firmware | <1.20.0 | |
| Dell Vostro 3267 | ||
| Dell Vostro 3268 Firmware | <1.20.0 | |
| Dell Vostro 3268 | ||
| Dell Vostro 3572 Firmware | <1.14.0 | |
| Dell Vostro 3572 | ||
| Dell Vostro 3582 Firmware | <1.13.0 | |
| Dell Vostro 3582 | ||
| Dell Vostro 3660 Firmware | <1.20.0 | |
| Dell Vostro 3660 | ||
| Dell Vostro 3667 Firmware | <1.20.0 | |
| Dell Vostro 3667 | ||
| Dell Vostro 3668 Firmware | <1.20.0 | |
| Dell Vostro 3668 | ||
| Dell Vostro 3669 Firmware | <1.20.0 | |
| Dell Vostro 3669 | ||
| Dell Wyse 7040 Thin Client Firmware | <1.15.0 | |
| Dell Wyse 7040 Thin Client | ||
| Dell Xps 8930 Firmware | <1.1.21 | |
| Dell Xps 8930 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Frequently Asked Questions
What is the severity of CVE-2022-24421?
The severity of CVE-2022-24421 is high with a CVSS score of 7.8.
How can a local authenticated malicious user exploit CVE-2022-24421?
A local authenticated malicious user can potentially exploit CVE-2022-24421 by using an SMI to gain arbitrary code execution during SMM.
Which Dell software versions are affected by CVE-2022-24421?
Dell Alienware 13 R3, Alienware 15 R3, Alienware 15 R4, Alienware 17 R4, Alienware 17 R5, Alienware Area 51m R1, Alienware Area 51m R2, Alienware Aurora R8, Alienware M15 R2, Alienware M15 R3, Alienware M15 R4, Alienware M17 R2, Alienware M17 R3, Alienware M17 R4, Alienware X15 R1, Alienware X17 R1, Edge Gateway 3000, Edge Gateway 5000, Edge Gateway 5100, Embedded Box Pc 3000, Embedded Box Pc 5000, Inspiron 14 3473, Inspiron 15 3573, Inspiron 15 5566, Inspiron 3277, Inspiron 3465, Inspiron 3477, Inspiron 3482, Inspiron 3502, Inspiron 3510, Inspiron 3565, Inspiron 3582, Inspiron 3782, Latitude 3379, Vostro 14 5468, Vostro 15 5568, Vostro 3267, Vostro 3268, Vostro 3572, Vostro 3582, Vostro 3660, Vostro 3667, Vostro 3668, Vostro 3669, Wyse 7040 Thin Client, Xps 8930 are affected.
Is Dell Alienware 13 R3 vulnerable to CVE-2022-24421?
Yes, Dell Alienware 13 R3 Firmware versions up to 1.16.1 are vulnerable to CVE-2022-24421.
How can I learn more about CVE-2022-24421?
You can find more information about CVE-2022-24421 at Dell's official support page provided in the reference link.
- collector/nvd-index
- agent/type
- agent/weakness
- collector/mitre-cve
- source/MITRE
- agent/references
- agent/author
- agent/last-modified-date
- agent/severity
- agent/tags
- agent/description
- agent/first-publish-date
- agent/softwarecombine
- agent/event
- vendor/dell
- canonical/dell alienware 13 r3 firmware
- canonical/dell alienware 13 r3
- canonical/dell alienware 15 r3 firmware
- canonical/dell alienware 15 r3
- canonical/dell alienware 15 r4 firmware
- canonical/dell alienware 15 r4
- canonical/dell alienware 17 r4 firmware
- canonical/dell alienware 17 r4
- canonical/dell alienware 17 r5 firmware
- canonical/dell alienware 17 r5
- canonical/dell alienware area 51m r1 firmware
- canonical/dell alienware area 51m r1
- canonical/dell alienware area 51m r2 firmware
- canonical/dell alienware area 51m r2
- canonical/dell alienware aurora r8 firmware
- canonical/dell alienware aurora r8
- canonical/dell alienware m15 r2 firmware
- canonical/dell alienware m15 r2
- canonical/dell alienware m15 r3 firmware
- canonical/dell alienware m15 r3
- canonical/dell alienware m15 r4 firmware
- canonical/dell alienware m15 r4
- canonical/dell alienware m17 r2 firmware
- canonical/dell alienware m17 r2
- canonical/dell alienware m17 r3 firmware
- canonical/dell alienware m17 r3
- canonical/dell alienware m17 r4 firmware
- canonical/dell alienware m17 r4
- canonical/dell alienware x15 r1 firmware
- canonical/dell alienware x15 r1
- canonical/dell alienware x17 r1 firmware
- canonical/dell alienware x17 r1
- canonical/dell edge gateway 3000 firmware
- canonical/dell edge gateway 3000
- canonical/dell edge gateway 5000 firmware
- canonical/dell edge gateway 5000
- canonical/dell edge gateway 5100 firmware
- canonical/dell edge gateway 5100
- canonical/dell embedded box pc 3000 firmware
- canonical/dell embedded box pc 3000
- canonical/dell embedded box pc 5000 firmware
- canonical/dell embedded box pc 5000
- canonical/dell inspiron 14 3473 firmware
- canonical/dell inspiron 14 3473
- canonical/dell inspiron 15 3573 firmware
- canonical/dell inspiron 15 3573
- canonical/dell inspiron 15 5566 firmware
- canonical/dell inspiron 15 5566
- canonical/dell inspiron 3277 firmware
- canonical/dell inspiron 3277
- canonical/dell inspiron 3465 firmware
- canonical/dell inspiron 3465
- canonical/dell inspiron 3477 firmware
- canonical/dell inspiron 3477
- canonical/dell inspiron 3482 firmware
- canonical/dell inspiron 3482
- canonical/dell inspiron 3502 firmware
- canonical/dell inspiron 3502
- canonical/dell inspiron 3510 firmware
- canonical/dell inspiron 3510
- canonical/dell inspiron 3565 firmware
- canonical/dell inspiron 3565
- canonical/dell inspiron 3582 firmware
- canonical/dell inspiron 3582
- canonical/dell inspiron 3782 firmware
- canonical/dell inspiron 3782
- canonical/dell latitude 3379 firmware
- canonical/dell latitude 3379
- canonical/dell vostro 14 5468 firmware
- canonical/dell vostro 14 5468
- canonical/dell vostro 15 5568 firmware
- canonical/dell vostro 15 5568
- canonical/dell vostro 3267 firmware
- canonical/dell vostro 3267
- canonical/dell vostro 3268 firmware
- canonical/dell vostro 3268
- canonical/dell vostro 3572 firmware
- canonical/dell vostro 3572
- canonical/dell vostro 3582 firmware
- canonical/dell vostro 3582
- canonical/dell vostro 3660 firmware
- canonical/dell vostro 3660
- canonical/dell vostro 3667 firmware
- canonical/dell vostro 3667
- canonical/dell vostro 3668 firmware
- canonical/dell vostro 3668
- canonical/dell vostro 3669 firmware
- canonical/dell vostro 3669
- canonical/dell wyse 7040 thin client firmware
- canonical/dell wyse 7040 thin client
- canonical/dell xps 8930 firmware
- canonical/dell xps 8930