CVE-2022-34390
published 2022-10-12CVE-2022-34390: Dell BIOS contains a use of uninitialized variable vulnerability. A local authenticated malicious user may potentially exploit this vulnerability by using an…
high7.8CVSS 3.1
AVLACLPRLUINSUCHIHAH
Dell BIOS contains a use of uninitialized variable vulnerability. A local authenticated malicious user may potentially exploit this vulnerability by using an SMI to gain arbitrary code execution in SMRAM.
Affected
3 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| dell | alienware_area-51_r4_firmware | < 2.0.6 | 2.0.6 |
| dell | alienware_area-51_r5_firmware | < 2.0.6 | 2.0.6 |
| dell | cpg_bios | >= unspecified < 8 MSI Platforms | 8 MSI Platforms |