First published: Wed Jan 18 2023(Updated: )
Prior Dell BIOS versions contain an improper input validation vulnerability. A local authenticated malicious user may potentially exploit this vulnerability by using an SMI to gain arbitrary code execution in SMRAM.
Credit: security_alert@emc.com
Affected Software | Affected Version | How to fix |
---|---|---|
Dell G5 Se 5505 Firmware | <1.12.1 | |
Dell G5 Se 5505 | ||
Dell Inspiron 27 7775 Firmware | <2.17.0 | |
Dell Inspiron 27 7775 | ||
Dell Inspiron 3180 Firmware | <1.5.0 | |
Dell Inspiron 3180 | ||
Dell Inspiron 3185 Firmware | <1.5.0 | |
Dell Inspiron 3185 | ||
Dell Inspiron 3195 2-in-1 Firmware | <1.5.0 | |
Dell Inspiron 3195 2-in-1 | ||
Dell Inspiron 3275 Firmware | <1.9.1 | |
Dell Inspiron 3275 | ||
Dell Inspiron 3475 Firmware | <1.9.1 | |
Dell Inspiron 3475 | ||
Dell Inspiron 3505 Firmware | <1.8.0 | |
Dell Inspiron 3505 | ||
Dell Inspiron 3515 Firmware | <1.7.0 | |
Dell Inspiron 3515 | ||
Dell Inspiron 3585 Firmware | <1.9.0 | |
Dell Inspiron 3585 | ||
Dell Inspiron 3595 Firmware | <1.4.0 | |
Dell Inspiron 3595 | ||
Dell Inspiron 3785 Firmware | <1.9.0 | |
Dell Inspiron 3785 | ||
Dell Inspiron 5405 Firmware | <1.8.1 | |
Dell Inspiron 5405 | ||
Dell Inspiron 5415 Firmware | <1.12.0 | |
Dell Inspiron 5415 | ||
Dell Inspiron 5485 Firmware | <2.10.1 | |
Dell Inspiron 5485 | ||
Dell Inspiron 5485 2-in-1 Firmware | <2.10.1 | |
Dell Inspiron 5485 2-in-1 | ||
Dell Inspiron 5505 Firmware | <1.8.1 | |
Dell Inspiron 5505 | ||
Dell Inspiron 5515 Firmware | <1.12.0 | |
Dell Inspiron 5515 | ||
Dell Inspiron 5585 Firmware | <2.10.1 | |
Dell Inspiron 5585 | ||
Dell Inspiron 7375 Firmware | <1.9.0 | |
Dell Inspiron 7375 | ||
Dell Inspiron 7405 2-in-1 Firmware | <1.9.1 | |
Dell Inspiron 7405 2-in-1 | ||
Dell Inspiron 7415 Firmware | <1.12.0 | |
Dell Inspiron 7415 | ||
Dell Vostro 3405 Firmware | <1.8.0 | |
Dell Vostro 3405 | ||
Dell Vostro 3515 Firmware | <1.7.0 | |
Dell Vostro 3515 | ||
Dell Vostro 5415 Firmware | <1.12.0 | |
Dell Vostro 5415 | ||
Dell Vostro 5515 Firmware | <1.12.0 | |
Dell Vostro 5515 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2022-34460 is a vulnerability in prior Dell BIOS versions that allows a local authenticated user to gain arbitrary code execution in SMRAM.
An attacker can exploit CVE-2022-34460 by using an SMI to gain arbitrary code execution in SMRAM.
CVE-2022-34460 has a severity rating of 7.8 (High).
Dell G5 Se 5505, Dell Inspiron 27 7775, Dell Inspiron 3180, Dell Inspiron 3185, Dell Inspiron 3275, Dell Inspiron 3475, Dell Inspiron 3505, Dell Inspiron 3515, Dell Inspiron 3585, Dell Inspiron 3595, Dell Inspiron 3785, Dell Inspiron 5405, Dell Inspiron 5415, Dell Inspiron 5485, Dell Inspiron 5505, Dell Inspiron 5515, Dell Inspiron 5585, Dell Inspiron 7375, Dell Inspiron 7405 2-in-1, Dell Inspiron 7415, Dell Vostro 3405, Dell Vostro 3515, Dell Vostro 5415, Dell Vostro 5515.
To fix CVE-2022-34460, update the affected Dell BIOS versions to the latest available version.