cbcvebase.
CVE-2022-24419
published 2022-03-11

CVE-2022-24419: Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user may potentially exploit this vulnerability by using an SMI…

high7.8CVSS 3.1
AVLACLPRLUINSUCHIHAH
Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user may potentially exploit this vulnerability by using an SMI to gain arbitrary code execution during SMM.

Affected

47 ranges· showing 25
VendorProductVersion rangeFixed in
dellalienware_13_r3_firmware< 1.16.11.16.1
dellalienware_15_r3_firmware< 1.16.11.16.1
dellalienware_15_r4_firmware< 1.17.01.17.0
dellalienware_17_r4_firmware< 1.16.11.16.1
dellalienware_17_r5_firmware< 1.17.01.17.0
dellalienware_area_51m_r1_firmware< 1.18.01.18.0
dellalienware_area_51m_r2_firmware< 1.13.01.13.0
dellalienware_aurora_r8_firmware< 1.0.201.0.20
dellalienware_m15_r2_firmware< 1.12.01.12.0
dellalienware_m15_r3_firmware< 1.14.01.14.0
dellalienware_m15_r4_firmware< 1.8.01.8.0
dellalienware_m17_r2_firmware< 1.12.01.12.0
dellalienware_m17_r3_firmware< 1.14.01.14.0
dellalienware_m17_r4_firmware< 1.8.01.8.0
dellalienware_x15_r1_firmware< 1.7.01.7.0
dellalienware_x17_r1_firmware< 1.7.01.7.0
dellcpg_bios>= unspecified < 1.161.16
delledge_gateway_3000_firmware< 1.7.01.7.0
delledge_gateway_5000_firmware< 1.17.01.17.0
delledge_gateway_5100_firmware< 1.17.01.17.0
dellembedded_box_pc_3000_firmware< 1.13.01.13.0
dellembedded_box_pc_5000_firmware< 1.14.01.14.0
dellinspiron_14_3473_firmware< 1.14.01.14.0
dellinspiron_15_3573_firmware< 1.14.01.14.0
dellinspiron_15_5566_firmware< 1.18.01.18.0