CVE-2022-30426

Summary

CVE	CVE-2022-30426
State	PUBLIC
Assigner	[email protected]
Source Priority	CVE Program / NVD first with legacy fallback
Published	2022-09-23 00:15:00 UTC
Updated	2022-09-26 14:35:00 UTC
Description	There is a stack buffer overflow vulnerability, which could lead to arbitrary code execution in UEFI DXE driver on some Acer products. An attack could exploit this vulnerability to escalate privilege from ring 3 to ring 0, and hijack control flow during UEFI DXE execution. This affects Altos T110 F3 firmware version <= P13 (latest) and AP130 F2 firmware version <= P04 (latest) and Aspire 1600X firmware version <= P11.A3L (latest) and Aspire 1602M firmware version <= P11.A3L (latest) and Aspire 7600U firmware version <= P11.A4 (latest) and Aspire MC605 firmware version <= P11.A4L (latest) and Aspire TC-105 firmware version <= P12.B0L (latest) and Aspire TC-120 firmware version <= P11-A4 (latest) and Aspire U5-620 firmware version <= P11.A1 (latest) and Aspire X1935 firmware version <= P11.A3L (latest) and Aspire X3475 firmware version <= P11.A3L (latest) and Aspire X3995 firmware version <= P11.A3L (latest) and Aspire XC100 firmware version <= P11.B3 (latest) and Aspire XC600 firmware version <= P11.A4 (latest) and Aspire Z3-615 firmware version <= P11.A2L (latest) and Veriton E430G firmware version <= P21.A1 (latest) and Veriton B630_49 firmware version <= AAP02SR (latest) and Veriton E430 firmware version <= P11.A4 (latest) and Veriton M2110G firmware version <= P21.A3 (latest) and Veriton M2120G fir.

Risk And Classification

Problem Types: CWE-787

NVD Known Affected Configurations (CPE 2.3)

Type	Vendor	Product	Version	Update	Edition	Language
Hardware	Acer	Altos T110 F3	-	All	All	All
Operating System	Acer	Altos T110 F3 Firmware	All	All	All	All
Hardware	Acer	Ap130 F2	-	All	All	All
Operating System	Acer	Ap130 F2 Firmware	All	All	All	All
Hardware	Acer	Aspire 1600x	-	All	All	All
Operating System	Acer	Aspire 1600x Firmware	All	All	All	All
Hardware	Acer	Aspire 1602m	-	All	All	All
Operating System	Acer	Aspire 1602m Firmware	All	All	All	All
Hardware	Acer	Aspire 7600u	-	All	All	All
Operating System	Acer	Aspire 7600u Firmware	All	All	All	All
Hardware	Acer	Aspire Mc605	-	All	All	All
Operating System	Acer	Aspire Mc605 Firmware	All	All	All	All
Hardware	Acer	Aspire Tc-105	-	All	All	All
Operating System	Acer	Aspire Tc-105 Firmware	All	All	All	All
Hardware	Acer	Aspire Tc-120	-	All	All	All
Operating System	Acer	Aspire Tc-120 Firmware	All	All	All	All
Hardware	Acer	Aspire U5-620	-	All	All	All
Operating System	Acer	Aspire U5-620 Firmware	All	All	All	All
Hardware	Acer	Aspire X1935	-	All	All	All
Operating System	Acer	Aspire X1935 Firmware	All	All	All	All
Hardware	Acer	Aspire X3475	-	All	All	All
Operating System	Acer	Aspire X3475 Firmware	All	All	All	All
Hardware	Acer	Aspire X3995	-	All	All	All
Operating System	Acer	Aspire X3995 Firmware	All	All	All	All
Hardware	Acer	Aspire Xc100	-	All	All	All
Operating System	Acer	Aspire Xc100 Firmware	All	All	All	All
Hardware	Acer	Aspire Xc600	-	All	All	All
Operating System	Acer	Aspire Xc600 Firmware	All	All	All	All
Hardware	Acer	Aspire Z3-615	-	All	All	All
Operating System	Acer	Aspire Z3-615 Firmware	All	All	All	All
Hardware	Acer	Veriton B630 49	-	All	All	All
Operating System	Acer	Veriton B630 49 Firmware	All	All	All	All
Hardware	Acer	Veriton E430	-	All	All	All
Hardware	Acer	Veriton E430g	-	All	All	All
Operating System	Acer	Veriton E430g Firmware	All	All	All	All
Operating System	Acer	Veriton E430 Firmware	All	All	All	All
Hardware	Acer	Veriton M2110g	-	All	All	All
Operating System	Acer	Veriton M2110g Firmware	All	All	All	All
Hardware	Acer	Veriton M2120g	-	All	All	All
Operating System	Acer	Veriton M2120g Firmware	All	All	All	All
Hardware	Acer	Veriton M2611	-	All	All	All
Hardware	Acer	Veriton M2611g	-	All	All	All
Operating System	Acer	Veriton M2611g Firmware	All	All	All	All
Operating System	Acer	Veriton M2611 Firmware	All	All	All	All
Hardware	Acer	Veriton M4620	-	All	All	All
Hardware	Acer	Veriton M4620g	-	All	All	All
Operating System	Acer	Veriton M4620g Firmware	All	All	All	All
Operating System	Acer	Veriton M4620 Firmware	All	All	All	All
Hardware	Acer	Veriton M6620g	-	All	All	All
Operating System	Acer	Veriton M6620g Firmware	All	All	All	All
Hardware	Acer	Veriton N2620g	-	All	All	All
Operating System	Acer	Veriton N2620g Firmware	All	All	All	All
Hardware	Acer	Veriton N4620g	-	All	All	All
Operating System	Acer	Veriton N4620g Firmware	All	All	All	All
Hardware	Acer	Veriton N4630g	-	All	All	All
Operating System	Acer	Veriton N4630g Firmware	All	All	All	All
Hardware	Acer	Veriton S6620g	-	All	All	All
Operating System	Acer	Veriton S6620g Firmware	All	All	All	All
Hardware	Acer	Veriton X2611	-	All	All	All
Hardware	Acer	Veriton X2611g	-	All	All	All
Operating System	Acer	Veriton X2611g Firmware	All	All	All	All
Operating System	Acer	Veriton X2611 Firmware	All	All	All	All
Hardware	Acer	Veriton X4620g	-	All	All	All
Operating System	Acer	Veriton X4620g Firmware	All	All	All	All
Hardware	Acer	Veriton X6620g	-	All	All	All
Operating System	Acer	Veriton X6620g Firmware	All	All	All	All
Hardware	Acer	Veriton Z2650g	-	All	All	All
Operating System	Acer	Veriton Z2650g Firmware	All	All	All	All

References

Reference	Source	Link	Tags
Acer Laptops, Desktops, Chromebooks, Monitors & Projectors \| Acer United States	MISC	acer.com
vulnerabilities/CVE-2022-30426.md at main · 10TG/vulnerabilities · GitHub	MISC	github.com
Cyberfinder.com	MISC	altos.com
CVE Program record	CVE.ORG	www.cve.org	canonical
NVD vulnerability detail	NVD	nvd.nist.gov	canonical, analysis

No vendor comments have been submitted for this CVE.

There are currently no legacy QID mappings associated with this CVE.