CVE-2022-24417

Summary

CVE	CVE-2022-24417
State	PUBLIC
Assigner	[email protected]
Source Priority	CVE Program / NVD first with legacy fallback
Published	2022-05-26 16:15:00 UTC
Updated	2022-06-07 17:03:00 UTC
Description	Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user may potentially exploit this vulnerability by using an SMI to gain arbitrary code execution during SMM.

Risk And Classification

Problem Types: CWE-20

NVD Known Affected Configurations (CPE 2.3)

Type	Vendor	Product	Version	Update	Edition	Language
Hardware	Dell	Dell G5 5505	-	All	All	All
Operating System	Dell	Dell G5 5505 Firmware	All	All	All	All
Hardware	Dell	Inspiron 22-3275	-	All	All	All
Operating System	Dell	Inspiron 22-3275 Firmware	All	All	All	All
Hardware	Dell	Inspiron 24-3475	-	All	All	All
Operating System	Dell	Inspiron 24-3475 Firmware	All	All	All	All
Hardware	Dell	Inspiron 27 7775	-	All	All	All
Operating System	Dell	Inspiron 27 7775 Firmware	All	All	All	All
Hardware	Dell	Inspiron 3180	-	All	All	All
Operating System	Dell	Inspiron 3180 Firmware	All	All	All	All
Hardware	Dell	Inspiron 3185	-	All	All	All
Operating System	Dell	Inspiron 3185 Firmware	All	All	All	All
Hardware	Dell	Inspiron 3195	-	All	All	All
Operating System	Dell	Inspiron 3195 Firmware	All	All	All	All
Hardware	Dell	Inspiron 3505	-	All	All	All
Operating System	Dell	Inspiron 3505 Firmware	All	All	All	All
Hardware	Dell	Inspiron 3515	-	All	All	All
Operating System	Dell	Inspiron 3515 Firmware	All	All	All	All
Hardware	Dell	Inspiron 3585	-	All	All	All
Operating System	Dell	Inspiron 3585 Firmware	All	All	All	All
Hardware	Dell	Inspiron 3595	-	All	All	All
Operating System	Dell	Inspiron 3595 Firmware	All	All	All	All
Hardware	Dell	Inspiron 3785	-	All	All	All
Operating System	Dell	Inspiron 3785 Firmware	All	All	All	All
Hardware	Dell	Inspiron 5405	-	All	All	All
Operating System	Dell	Inspiron 5405 Firmware	All	All	All	All
Hardware	Dell	Inspiron 5415	-	All	All	All
Operating System	Dell	Inspiron 5415 Firmware	All	All	All	All
Hardware	Dell	Inspiron 5485	-	All	All	All
Operating System	Dell	Inspiron 5485 Firmware	All	All	All	All
Hardware	Dell	Inspiron 5505	-	All	All	All
Operating System	Dell	Inspiron 5505 Firmware	All	All	All	All
Hardware	Dell	Inspiron 5515	-	All	All	All
Operating System	Dell	Inspiron 5515 Firmware	All	All	All	All
Hardware	Dell	Inspiron 5575	-	All	All	All
Operating System	Dell	Inspiron 5575 Firmware	All	All	All	All
Hardware	Dell	Inspiron 5585	-	All	All	All
Operating System	Dell	Inspiron 5585 Firmware	All	All	All	All
Hardware	Dell	Inspiron 5675	-	All	All	All
Operating System	Dell	Inspiron 5675 Firmware	All	All	All	All
Hardware	Dell	Inspiron 5775	-	All	All	All
Operating System	Dell	Inspiron 5775 Firmware	All	All	All	All
Hardware	Dell	Inspiron 7375	-	All	All	All
Operating System	Dell	Inspiron 7375 Firmware	All	All	All	All
Hardware	Dell	Inspiron 7405	-	All	All	All
Operating System	Dell	Inspiron 7405 Firmware	All	All	All	All
Hardware	Dell	Inspiron 7415	-	All	All	All
Operating System	Dell	Inspiron 7415 Firmware	All	All	All	All
Hardware	Dell	Vostro 3405	-	All	All	All
Operating System	Dell	Vostro 3405 Firmware	All	All	All	All
Hardware	Dell	Vostro 3515	-	All	All	All
Operating System	Dell	Vostro 3515 Firmware	All	All	All	All
Hardware	Dell	Vostro 5415	-	All	All	All
Operating System	Dell	Vostro 5415 Firmware	All	All	All	All
Hardware	Dell	Vostro 5515	-	All	All	All
Operating System	Dell	Vostro 5515 Firmware	All	All	All	All

References

Reference	Source	Link	Tags
Access Denied	MISC	www.dell.com
CVE Program record	CVE.ORG	www.cve.org	canonical
NVD vulnerability detail	NVD	nvd.nist.gov	canonical, analysis

No vendor comments have been submitted for this CVE.

There are currently no legacy QID mappings associated with this CVE.