CVE-2022-34391
published 2022-10-12CVE-2022-34391: Dell Client BIOS Versions prior to the remediated version contain an improper input validation vulnerability. A local authenticated malicious user may…
high7.8CVSS 3.1
AVLACLPRLUINSUCHIHAH
Dell Client BIOS Versions prior to the remediated version contain an improper input validation vulnerability. A local authenticated malicious user may potentially exploit this vulnerability by using an SMI to gain arbitrary code execution in SMRAM.
Affected
3 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| dell | alienware_area-51_r4_firmware | < 2.0.6 | 2.0.6 |
| dell | alienware_area-51_r5_firmware | < 2.0.6 | 2.0.6 |
| dell | cpg_bios | >= unspecified < 1.2.15 | 1.2.15 |