cbcvebase.
CVE-2022-26860
published 2022-09-06

CVE-2022-26860: Dell BIOS versions contain a stack-based buffer overflow vulnerability. A local attacker could exploit this vulnerability by sending malicious input via SMI to…

high7.8CVSS 3.1
AVLACLPRLUINSUCHIHAH
Dell BIOS versions contain a stack-based buffer overflow vulnerability. A local attacker could exploit this vulnerability by sending malicious input via SMI to bypass security checks resulting in arbitrary code execution in SMM.

Affected

400 ranges· showing 25
VendorProductVersion rangeFixed in
dellalienware_m15_r6_firmware< 1.8.01.8.0
dellchengming_3980_firmware< 2.21.02.21.0
dellchengming_3988_firmware< 1.9.01.9.0
dellchengming_3990_firmware< 1.8.21.8.2
dellchengming_3991_firmware< 1.8.21.8.2
dellcpg_bios>= unspecified < AllAll
delledge_gateway_3000_firmware< 1.8.01.8.0
delledge_gateway_5000_firmware< 1.18.01.18.0
dellembedded_box_pc_3000_firmware< 1.14.01.14.0
dellembedded_box_pc_5000_firmware< 1.15.01.15.0
dellg15_5510_firmware< 1.8.01.8.0
dellg15_5511_firmware< 1.9.01.9.0
dellg3_15_3590_firmware< 1.16.01.16.0
dellg3_3500_firmware< 1.12.01.12.0
dellg3_3579_firmware< 1.19.01.19.0
dellg5_15_5587_firmware< 1.19.01.19.0
dellg5_15_5590_firmware< 1.18.01.18.0
dellg5_5000_firmware< 1.5.11.5.1
dellg5_5090_firmware< 1.12.01.12.0
dellg5_5500_firmware< 1.12.01.12.0
dellg7_17_7700_firmware< 1.12.01.12.0
dellg7_17_7790_firmware< 1.18.01.18.0
dellg7_7500_firmware< 1.12.01.12.0
dellg7_7588_firmware< 1.19.01.19.0
dellinspiron_13_5378_firmware< 1.36.01.36.0