First published: Wed Jan 18 2023(Updated: )
Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user may potentially exploit this vulnerability by using an SMI to gain arbitrary code execution in SMRAM.
Credit: security_alert@emc.com
Affected Software | Affected Version | How to fix |
---|---|---|
Dell Edge Gateway 3000 Firmware | <1.9.0 | |
Dell Edge Gateway 3000 | ||
Dell Edge Gateway 5000 Firmware | <1.19.0 | |
Dell Edge Gateway 5000 | ||
Dell Embedded Box Pc 3000 Firmware | <1.15.0 | |
Dell Embedded Box Pc 3000 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
The vulnerability ID is CVE-2022-32490.
The severity of CVE-2022-32490 is high.
Dell Edge Gateway 3000 Firmware up to version 1.9.0 is affected by CVE-2022-32490.
Dell Edge Gateway 5000 Firmware up to version 1.19.0 is affected by CVE-2022-32490.
Dell Embedded Box Pc 3000 Firmware up to version 1.15.0 is affected by CVE-2022-32490.
No, Dell Edge Gateway 3000 is not vulnerable to CVE-2022-32490.
No, Dell Edge Gateway 5000 is not vulnerable to CVE-2022-32490.
No, Dell Embedded Box Pc 3000 is not vulnerable to CVE-2022-32490.
A local authenticated malicious user can exploit CVE-2022-32490 by using an SMI to gain arbitrary code execution in SMRAM.
You can find more information about CVE-2022-32490 at the following link: [https://www.dell.com/support/kbdoc/000204685](https://www.dell.com/support/kbdoc/000204685)