CVE-2022-34412: Buffer Overflow

First published: Thu Mar 16 2023(Updated: )

Dell PowerEdge BIOS and Dell Precision BIOS contain an Improper SMM communication buffer verification vulnerability. A local malicious user with high Privileges may potentially exploit this vulnerability to perform arbitrary code execution or cause denial of service.

Credit: security_alert@emc.com

Affected Software	Affected Version	How to fix
Dell R6515 Firmware	<2.9.3
Dell R6515
Dell R7515 Firmware	<2.9.3
Dell R7515
Dell R6525 Firmware	<2.9.3
Dell R6525
Dell R7525 Firmware	<2.9.3
Dell R7525
Dell Xe8545 Firmware	<2.9.4
Dell Xe8545
Dell C6525 Firmware
Dell C6525
Dell R6415 Firmware	<1.19.0
Dell R6415
Dell R7415 Firmware	<1.19.0
Dell R7415
Dell R7425 Firmware	<1.19.0
Dell R7425
Dell R750 Firmware	<1.8.2
Dell R750
Dell R750xa Firmware	<1.8.2
Dell R750xa
Dell R650 Firmware	<1.8.2
Dell R650
Dell C6520 Firmware	<1.8.2
Dell C6520
Dell Mx750c Firmware	<1.8.2
Dell Mx750c
Dell R450 Firmware	<1.8.2
Dell R450
Dell R550 Firmware	<1.8.2
Dell R550
Dell R650xs Firmware	<1.8.2
Dell R650xs
Dell R750xs Firmware	<1.8.2
Dell R750xs
Dell T550 Firmware	<1.8.2
Dell T550
Dell Xr11 Firmware	<1.8.2
Dell Xr11
Dell Xr12 Firmware	<1.8.2
Dell Xr12
Dell R250 Firmware	<1.4.2
Dell R250
Dell R350 Firmware	<1.4.2
Dell R350
Dell T150 Firmware	<1.4.2
Dell T150
Dell T350 Firmware	<1.4.2
Dell T350
Dell R740 Firmware	<2.16.1
Dell R740
Dell R740xd Firmware	<2.16.1
Dell R740xd
Dell R640 Firmware	<2.16.1
Dell R640
Dell R940 Firmware	<2.16.1
Dell R940
Dell R540 Firmware	<2.16.1
Dell R540
Dell R440 Firmware	<2.16.1
Dell R440
Dell T440 Firmware	<2.16.1
Dell T440
Dell Xr2 Firmware	<2.16.1
Dell Xr2
Dell R740xd2 Firmware	<2.16.1
Dell R740xd2
Dell R840 Firmware	<2.16.1
Dell R840
Dell R940xa Firmware	<2.16.1
Dell R940xa
Dell T640 Firmware	<2.16.1
Dell T640
Dell C6420 Firmware	<2.16.1
Dell C6420
Dell Fc640 Firmware	<2.16.1
Dell Fc640
Dell M640 Firmware	<2.16.1
Dell M640
Dell M640p Firmware	<2.16.1
Dell M640p
Dell Mx740c Firmware	<2.16.1
Dell Mx740c
Dell Mx840c Firmware	<2.16.1
Dell Mx840c
Dell C4140 Firmware	<2.16.1
Dell C4140
Dell Dss8440 Firmware	<2.16.1
Dell Dss8440
Dell T140 Firmware	<2.11.1
Dell T140
Dell T340 Firmware	<2.11.1
Dell T340
Dell R240 Firmware	<2.11.1
Dell R240
Dell R340 Firmware	<2.11.1
Dell R340
Dell Xe2420 Firmware	<2.16.0
Dell Xe2420
Dell Xe7420 Firmware	<2.16.1
Dell Xe7420
Dell Xe7440 Firmware	<2.16.1
Dell Xe7440
Dell R730 Firmware	<2.16.0
Dell R730
Dell R730xd Firmware	<2.16.0
Dell R730xd
Dell R630 Firmware	<2.16.0
Dell R630
Dell C4130 Firmware	<2.16.0
Dell C4130
Dell R930 Firmware	<2.16.0
Dell R930
Dell M630 Firmware	<2.16.0
Dell M630
Dell M630p Firmware	<2.16.0
Dell M630p
Dell Fc630 Firmware	<2.16.0
Dell Fc630
Dell Fc430 Firmware	<2.16.0
Dell Fc430
Dell M830 Firmware	<2.16.0
Dell M830
Dell M830p Firmware	<2.16.0
Dell M830p
Dell Fc830 Firmware	<2.16.0
Dell Fc830
Dell T630 Firmware	<2.16.0
Dell T630
Dell R530 Firmware	<2.16.0
Dell R530
Dell R430 Firmware	<2.16.0
Dell R430
Dell T430 Firmware	<2.16.0
Dell T430
Dell R830 Firmware	<1.16.0
Dell R830
Dell C6320 Firmware	<2.16.0
Dell C6320
Dell T130 Firmware	<2.16.0
Dell T130
Dell R230 Firmware	<2.16.0
Dell R230
Dell T330 Firmware	<2.16.0
Dell T330
Dell R330 Firmware	<2.16.0
Dell R330
Dell Nx430 Firmware	<2.16.0
Dell Nx430
Dell Nx3230 Firmware	<2.16.0
Dell Nx3230
Dell Nx3330 Firmware	<2.16.0
Dell Nx3330
Dell Nx440 Firmware	<2.11.1
Dell Nx440
Dell Nx3240 Firmware	<2.16.1
Dell Nx3240
Dell Nx3340 Firmware	<2.16.1
Dell Nx3340

Remedy

https://www.dell.com/support/kbdoc/en-us/000206296/dsa-2022-204-dell-poweredge-improper-smm-communication-buffer-verification-vulnerability

Never miss a vulnerability like this again

Reference Links

https://www.dell.com/support/kbdoc/en-us/000206296/dsa-2022-204-dell-poweredge-improper-smm-communication-buffer-verification-vulnerability

CVE-2022-34412: Buffer Overflow

Remedy

Never miss a vulnerability like this again

Reference Links

Company

Resources

Contact