CVE-2022-34401
published 2023-01-18
high 7.5 CVSS 3.1
AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H
Dell BIOS contains a stack based buffer overflow vulnerability. A local authenticated malicious user may potentially exploit this vulnerability by using an SMI to send larger than expected input to a parameter in order to gain arbitrary code execution in SMRAM.
Affected
4 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| dell | alienware_m15_a6_firmware | < 1.4.3 | 1.4.3 |
| dell | alienware_m17_r5_firmware | < 1.4.3 | 1.4.3 |
| dell | cpg_bios | — | — |
| dell | g15_5525_firmware | < 1.4.3 | 1.4.3 |