CVE-2022-26862: Input Validation
First published: Tue Jun 21 2022(Updated: )
Prior Dell BIOS versions contain an Input Validation vulnerability. A locally authenticated malicious user could potentially exploit this vulnerability by sending malicious input to an SMI in order to bypass security controls in SMM.
Credit: security_alert@emc.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Dell Alienware m15 Ryzen Edition R5 | <1.5.0 | |
| Dell Alienware m15 Ryzen Edition R5 | ||
| Dell G15 5515 Firmware | <1.6.0 | |
| Dell G15 5515 Firmware | ||
| Dell G5 SE 5505 | <1.11.0 | |
| Dell G5 SE 5505 Firmware | ||
| Dell Inspiron 27 7775 Firmware | <2.16.1 | |
| Dell Inspiron 27 7775 Firmware | ||
| Dell Inspiron 5425 Firmware | <1.2.1 | |
| Dell Inspiron 14 5425 Firmware | ||
| Dell Inspiron 22-3275 Firmware | <1.9.0 | |
| Dell Inspiron 22-3275 | ||
| Dell Inspiron 24-3475 Firmware | <1.9.0 | |
| Dell Inspiron 24-3475 Firmware | ||
| Dell Inspiron 3180 Firmware | <1.4.4 | |
| Dell Inspiron 3180 Firmware | ||
| Dell Inspiron 3185 Firmware | <1.4.4 | |
| Dell Inspiron 3185 Firmware | ||
| Dell Inspiron | <1.4.1 | |
| Dell Inspiron 3195 Firmware | ||
| Dell Inspiron 3505 Firmware | <1.6.0 | |
| Dell Inspiron 3505 Firmware | ||
| Dell Inspiron 15 3515 Firmware | <1.5.0 | |
| Dell Inspiron 3515 Firmware | ||
| Dell Inspiron 15 3525 Firmware | <1.3.0 | |
| Dell Inspiron 15 3525 | ||
| Dell Inspiron 3585 Firmware | <1.7.0 | |
| Dell Inspiron 3585 Firmware | ||
| Dell Inspiron 3595 Firmware | <1.3.0 | |
| Dell Inspiron 3595 Firmware | ||
| Dell Inspiron 3785 Firmware | <1.7.0 | |
| Dell Inspiron 3785 Firmware | ||
| Dell Inspiron 5405 Firmware | <1.7.0 | |
| Dell Inspiron 5405 | ||
| Dell Inspiron 5415 Firmware | <1.9.0 | |
| Dell Inspiron 5415 Firmware | ||
| Dell Inspiron 24 5415 All-in-One Firmware | <1.5.0 | |
| Dell Inspiron 24 5415 All-in-One | ||
| Dell Inspiron 5485 Firmware | <2.8.0 | |
| Dell Inspiron 5485 Firmware | ||
| Dell Inspiron 5505 Firmware | <1.7.0 | |
| Dell Inspiron 5505 | ||
| Dell Inspiron 5515 Firmware | <1.9.0 | |
| Dell Inspiron 5515 Firmware | ||
| Dell Inspiron 5575 Firmware | <1.6.0 | |
| Dell Inspiron 5575 Firmware | ||
| Dell Inspiron 5585 Firmware | <2.8.0 | |
| Dell Inspiron 5585 Firmware | ||
| Dell Inspiron 7375 Firmware | <1.7.0 | |
| Dell Inspiron 7375 Firmware | ||
| Dell Inspiron 7405 Firmware | <1.8.0 | |
| Dell Inspiron 7405 Firmware | ||
| Dell Inspiron 7415 Firmware | <1.9.0 | |
| Dell Inspiron 7415 Firmware | ||
| Dell Inspiron 7425 Firmware | <1.2.1 | |
| Dell Inspiron 7425 | ||
| Dell Vostro 3405 Firmware | <1.6.0 | |
| Dell Vostro 3405 Firmware | ||
| Dell Vostro 15 3515 Firmware | <1.5.0 | |
| Dell Vostro 3515 Firmware | ||
| Dell Vostro 15 3525 Firmware | <1.3.0 | |
| Dell Vostro 15 3525 Firmware | ||
| Dell Vostro 5415 Firmware | <1.9.0 | |
| Dell Vostro 5415 Firmware | ||
| Dell Vostro 5515 | <1.9.0 | |
| Dell Vostro 5515 Firmware | ||
| Dell Vostro 5625 Firmware | <1.2.1 | |
| Dell Vostro 5625 Firmware |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Frequently Asked Questions
What is the severity of CVE-2022-26862?
CVE-2022-26862 is rated as medium severity due to its potential to allow a local attacker to bypass security controls.
How do I fix CVE-2022-26862?
To fix CVE-2022-26862, users should upgrade to the latest firmware version specified in the Dell advisory.
What types of systems are affected by CVE-2022-26862?
CVE-2022-26862 affects various Dell systems including Alienware m15 R5 and G15 5515 with certain firmware versions.
Can a remote attacker exploit CVE-2022-26862?
No, CVE-2022-26862 can only be exploited by a locally authenticated user, not remotely.
What happens if CVE-2022-26862 is exploited?
If exploited, CVE-2022-26862 could allow an attacker to compromise system security by evading certain security controls.
- agent/type
- collector/mitre-cve
- source/MITRE
- agent/last-modified-date
- agent/author
- agent/severity
- agent/references
- agent/weakness
- agent/description
- agent/event
- agent/first-publish-date
- agent/source
- agent/softwarecombine
- agent/tags
- collector/nvd-index
- agent/software-canonical-lookup-request
- vendor/dell
- canonical/dell alienware m15 ryzen edition r5
- canonical/dell g15 5515 firmware
- canonical/dell g5 se 5505
- canonical/dell g5 se 5505 firmware
- canonical/dell inspiron 27 7775 firmware
- canonical/dell inspiron 5425 firmware
- canonical/dell inspiron 14 5425 firmware
- canonical/dell inspiron 22-3275 firmware
- canonical/dell inspiron 22-3275
- canonical/dell inspiron 24-3475 firmware
- canonical/dell inspiron 3180 firmware
- canonical/dell inspiron 3185 firmware
- canonical/dell inspiron
- canonical/dell inspiron 3195 firmware
- canonical/dell inspiron 3505 firmware
- canonical/dell inspiron 15 3515 firmware
- canonical/dell inspiron 3515 firmware
- canonical/dell inspiron 15 3525 firmware
- canonical/dell inspiron 15 3525
- canonical/dell inspiron 3585 firmware
- canonical/dell inspiron 3595 firmware
- canonical/dell inspiron 3785 firmware
- canonical/dell inspiron 5405 firmware
- canonical/dell inspiron 5405
- canonical/dell inspiron 5415 firmware
- canonical/dell inspiron 24 5415 all-in-one firmware
- canonical/dell inspiron 24 5415 all-in-one
- canonical/dell inspiron 5485 firmware
- canonical/dell inspiron 5505 firmware
- canonical/dell inspiron 5505
- canonical/dell inspiron 5515 firmware
- canonical/dell inspiron 5575 firmware
- canonical/dell inspiron 5585 firmware
- canonical/dell inspiron 7375 firmware
- canonical/dell inspiron 7405 firmware
- canonical/dell inspiron 7415 firmware
- canonical/dell inspiron 7425 firmware
- canonical/dell inspiron 7425
- canonical/dell vostro 3405 firmware
- canonical/dell vostro 15 3515 firmware
- canonical/dell vostro 3515 firmware
- canonical/dell vostro 15 3525 firmware
- canonical/dell vostro 5415 firmware
- canonical/dell vostro 5515
- canonical/dell vostro 5515 firmware
- canonical/dell vostro 5625 firmware