What is CVE-2022-31220?

CVE-2022-31220 refers to a vulnerability in Dell BIOS versions that allows a local authenticated administrator user to change the state of the system or cause unexpected failures.

How severe is the CVE-2022-31220 vulnerability?

The severity of CVE-2022-31220 is medium with a severity value of 5.1.

Which Dell BIOS versions are affected by CVE-2022-31220?

Dell BIOS versions up to and including 1.1.66 for Chengming 3900, up to and including 1.2.0 for Inspiron 14 Plus 7420 and Inspiron 16 Plus 7620, up to and including 1.1.66 for Inspiron 3910, up to and including 1.1.0 for Inspiron 5320, up to and including 1.4.1 for Inspiron 5420 and Inspiron 5620, up to and including 1.3.0 for Inspiron 7420 and Inspiron 7620, up to and including 1.1.66 for Optiplex 3000, up to and including 1.0.7 for Optiplex 3000 Thin Client, up to and including 1.3.62 for Optiplex 5000, up to and including 1.0.13 for Optiplex 5400 and Optiplex 7400, up to and including 1.3.62 for Optiplex 7000 and Optiplex 7000 OEM, up to and including 1.3.71 for Precision 3460 Small Form Factor, up to and including 1.3.62 for Precision 3660 Tower, up to and including 1.6.0 for Precision 5770, up to and including 1.1.66 for Vostro 3710 and Vostro 3910, up to and including 1.1.0 for Vostro 5320, up to and including 1.4.1 for Vostro 5620, up to and including 1.2.0 for Vostro 7620, and up to and including 1.6.0 for XPS 17 9720 are affected by CVE-2022-31220.

How can I fix CVE-2022-31220?

To fix CVE-2022-31220, it is recommended to update the affected Dell BIOS versions to a version that includes the necessary security patches. You can find more information and download the updates from Dell's official support website.

Where can I find more information about CVE-2022-31220?

You can find more information about CVE-2022-31220, including the official advisory and any related updates, on Dell's support website at the following link: [Dell Support - CVE-2022-31220](https://www.dell.com/support/kbdoc/000202196)

Vulnerability/
CVE-2022-31220

medium

5.1

CWE

252 1038

12/9/2022

16/9/2024

CVE-2022-31220

First published: Mon Sep 12 2022(Updated: )

Dell BIOS versions contain an Unchecked Return Value vulnerability. A local authenticated administrator user could potentially exploit this vulnerability in order to change the state of the system or cause unexpected failures.

Credit: security_alert@emc.com

Affected Software	Affected Version	How to fix
Dell chengming 3900 firmware	<1.1.66
Dell chengming 3900
Dell inspiron 14 plus 7420 firmware	<1.2.0
Dell inspiron 14 plus 7420
Dell inspiron 16 plus 7620 firmware	<1.2.0
Dell inspiron 16 plus 7620
Dell inspiron 3910 firmware	<1.1.66
Dell inspiron 3910
Dell inspiron 5320 firmware	<1.1.0
Dell inspiron 5320
Dell inspiron 5420 firmware	<1.4.1
Dell inspiron 5420
Dell inspiron 5620 firmware	<1.4.1
Dell inspiron 5620
Dell inspiron 7420 firmware	<1.3.0
Dell inspiron 7420
Dell Inspiron 7620 Firmware	<1.3.0
Dell Inspiron 7620
Dell optiplex 3000 firmware	<1.1.66
Dell optiplex 3000
Dell optiplex 3000 thin client firmware	<1.0.7
Dell Optiplex 3000 Thin Client
Dell optiplex 5000 firmware	<1.3.62
Dell optiplex 5000
Dell optiplex 5400 firmware	<1.0.13
Dell OptiPlex 5400
Dell optiplex 7000 firmware	<1.3.62
Dell optiplex 7000
Dell optiplex 7000 oem firmware	<1.3.62
Dell optiplex 7000 oem
Dell optiplex 7400 firmware	<1.0.13
Dell optiplex 7400
Dell precision 3460 small form factor firmware	<1.3.62
Dell precision 3460 small form factor
Dell Precision 3660 Tower Firmware	<1.3.71
Dell Precision 3660 Tower Firmware
Dell precision 5770 firmware	<1.6.0
Dell precision 5770
Dell vostro 3710 firmware	<1.1.66
Dell vostro 3710
Dell vostro 3910 firmware	<1.1.66
Dell vostro 3910
Dell vostro 5320 firmware	<1.1.0
Dell vostro 5320
Dell vostro 5620 firmware	<1.4.1
Dell vostro 5620
Dell vostro 7620 firmware	<1.2.0
Dell vostro 7620
Dell xps 17 9720 firmware	<1.6.0
Dell xps 17 9720

Never miss a vulnerability like this again

Reference Links

https://www.dell.com/support/kbdoc/000202196

Frequently Asked Questions

What is CVE-2022-31220?
CVE-2022-31220 refers to a vulnerability in Dell BIOS versions that allows a local authenticated administrator user to change the state of the system or cause unexpected failures.
How severe is the CVE-2022-31220 vulnerability?
The severity of CVE-2022-31220 is medium with a severity value of 5.1.
Which Dell BIOS versions are affected by CVE-2022-31220?
Dell BIOS versions up to and including 1.1.66 for Chengming 3900, up to and including 1.2.0 for Inspiron 14 Plus 7420 and Inspiron 16 Plus 7620, up to and including 1.1.66 for Inspiron 3910, up to and including 1.1.0 for Inspiron 5320, up to and including 1.4.1 for Inspiron 5420 and Inspiron 5620, up to and including 1.3.0 for Inspiron 7420 and Inspiron 7620, up to and including 1.1.66 for Optiplex 3000, up to and including 1.0.7 for Optiplex 3000 Thin Client, up to and including 1.3.62 for Optiplex 5000, up to and including 1.0.13 for Optiplex 5400 and Optiplex 7400, up to and including 1.3.62 for Optiplex 7000 and Optiplex 7000 OEM, up to and including 1.3.71 for Precision 3460 Small Form Factor, up to and including 1.3.62 for Precision 3660 Tower, up to and including 1.6.0 for Precision 5770, up to and including 1.1.66 for Vostro 3710 and Vostro 3910, up to and including 1.1.0 for Vostro 5320, up to and including 1.4.1 for Vostro 5620, up to and including 1.2.0 for Vostro 7620, and up to and including 1.6.0 for XPS 17 9720 are affected by CVE-2022-31220.
How can I fix CVE-2022-31220?
To fix CVE-2022-31220, it is recommended to update the affected Dell BIOS versions to a version that includes the necessary security patches. You can find more information and download the updates from Dell's official support website.
Where can I find more information about CVE-2022-31220?
You can find more information about CVE-2022-31220, including the official advisory and any related updates, on Dell's support website at the following link: [Dell Support - CVE-2022-31220](https://www.dell.com/support/kbdoc/000202196)

agent/weakness
agent/type
agent/severity
agent/author
agent/references
agent/description
collector/mitre-cve
source/MITRE
agent/last-modified-date
agent/event
agent/first-publish-date
agent/source
agent/softwarecombine
agent/tags
collector/nvd-index
agent/software-canonical-lookup-request
vendor/dell
canonical/dell chengming 3900 firmware
canonical/dell chengming 3900
canonical/dell inspiron 14 plus 7420 firmware
canonical/dell inspiron 14 plus 7420
canonical/dell inspiron 16 plus 7620 firmware
canonical/dell inspiron 16 plus 7620
canonical/dell inspiron 3910 firmware
canonical/dell inspiron 3910
canonical/dell inspiron 5320 firmware
canonical/dell inspiron 5320
canonical/dell inspiron 5420 firmware
canonical/dell inspiron 5420
canonical/dell inspiron 5620 firmware
canonical/dell inspiron 5620
canonical/dell inspiron 7420 firmware
canonical/dell inspiron 7420
canonical/dell inspiron 7620 firmware
canonical/dell inspiron 7620
canonical/dell optiplex 3000 firmware
canonical/dell optiplex 3000
canonical/dell optiplex 3000 thin client firmware
canonical/dell optiplex 3000 thin client
canonical/dell optiplex 5000 firmware
canonical/dell optiplex 5000
canonical/dell optiplex 5400 firmware
canonical/dell optiplex 5400
canonical/dell optiplex 7000 firmware
canonical/dell optiplex 7000
canonical/dell optiplex 7000 oem firmware
canonical/dell optiplex 7000 oem
canonical/dell optiplex 7400 firmware
canonical/dell optiplex 7400
canonical/dell precision 3460 small form factor firmware
canonical/dell precision 3460 small form factor
canonical/dell precision 3660 tower firmware
canonical/dell precision 5770 firmware
canonical/dell precision 5770
canonical/dell vostro 3710 firmware
canonical/dell vostro 3710
canonical/dell vostro 3910 firmware
canonical/dell vostro 3910
canonical/dell vostro 5320 firmware
canonical/dell vostro 5320
canonical/dell vostro 5620 firmware
canonical/dell vostro 5620
canonical/dell vostro 7620 firmware
canonical/dell vostro 7620
canonical/dell xps 17 9720 firmware
canonical/dell xps 17 9720