CVE-2022-34403
published 2023-02-01CVE-2022-34403: Dell BIOS contains a Stack based buffer overflow vulnerability. A local authenticated attacker could potentially exploit this vulnerability by using an SMI to…
high8.8CVSS 3.1
AVLACLPRLUINSCCHIHAH
Dell BIOS contains a Stack based buffer overflow vulnerability. A local authenticated attacker could potentially exploit this vulnerability by using an SMI to send larger than expected input to a parameter to gain arbitrary code execution in SMRAM.
Affected
84 ranges· showing 25
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| dell | alienware_m15_r6_firmware | < 1.17.0 | 1.17.0 |
| dell | alienware_m15_r7_firmware | < 1.4.3 | 1.4.3 |
| dell | alienware_m15_ryzen_edition_r5_firmware | < 1.8.0 | 1.8.0 |
| dell | alienware_m17_r5_amd_firmware | < 1.4.3 | 1.4.3 |
| dell | cpg_bios | <= 2.15.2 | — |
| dell | g15_5510_firmware | < 1.16.0 | 1.16.0 |
| dell | g15_5511_firmware | < 1.18.0 | 1.18.0 |
| dell | g15_5515_firmware | < 1.8.0 | 1.8.0 |
| dell | g15_5525_firmware | < 1.4.3 | 1.4.3 |
| dell | g5_se_5505_firmware | < 1.13.0 | 1.13.0 |
| dell | inspiron_14_5410_2-in-1_firmware | < 2.15.2 | 2.15.2 |
| dell | inspiron_15_3511_firmware | < 1.18.2 | 1.18.2 |
| dell | inspiron_3195_2-in-1_firmware | < 1.6.0 | 1.6.0 |
| dell | inspiron_3275_firmware | < 1.9.2 | 1.9.2 |
| dell | inspiron_3475_firmware | < 1.9.2 | 1.9.2 |
| dell | inspiron_3505_firmware | < 1.9.0 | 1.9.0 |
| dell | inspiron_3515_firmware | < 1.9.0 | 1.9.0 |
| dell | inspiron_3525_firmware | < 1.5.0 | 1.5.0 |
| dell | inspiron_3585_firmware | < 1.10.0 | 1.10.0 |
| dell | inspiron_3595_firmware | < 1.5.0 | 1.5.0 |
| dell | inspiron_3785_firmware | < 1.10.0 | 1.10.0 |
| dell | inspiron_3891_firmware | < 1.12.0 | 1.12.0 |
| dell | inspiron_5310_firmware | < 2.15.0 | 2.15.0 |
| dell | inspiron_5405_firmware | < 1.9.0 | 1.9.0 |
| dell | inspiron_5410_firmware | < 2.14.0 | 2.14.0 |