CVE-2022-22558

Dell PowerEdge Server BIOS and Dell Precision Workstation 7910 and 7920 Rack BIOS contain an improper SMM communication buffer verification vulnerability. A local, high-privileged attacker could potentially exploit this vulnerability, leading to arbitrary writes or denial of service.
References
Configurations

Configuration 1

AND
cpe:2.3:o:dell:r6415_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:dell:r6415:-:*:*:*:*:*:*:*

Configuration 2

AND
cpe:2.3:o:dell:r7415_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:dell:r7415:-:*:*:*:*:*:*:*

Configuration 3

AND
cpe:2.3:o:dell:r7425_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:dell:r7425:-:*:*:*:*:*:*:*

Configuration 4

AND
cpe:2.3:o:dell:r730_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:dell:r730:-:*:*:*:*:*:*:*

Configuration 5

AND
cpe:2.3:o:dell:r730xd_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:dell:r730xd:-:*:*:*:*:*:*:*

Configuration 6

AND
cpe:2.3:o:dell:r630_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:dell:r630:-:*:*:*:*:*:*:*

Configuration 7

AND
cpe:2.3:o:dell:c4130_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:dell:c4130:-:*:*:*:*:*:*:*

Configuration 8

AND
cpe:2.3:o:dell:m630_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:dell:m630:-:*:*:*:*:*:*:*

Configuration 9

AND
cpe:2.3:o:dell:m630p_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:dell:m630p:-:*:*:*:*:*:*:*

Configuration 10

AND
cpe:2.3:o:dell:fc630_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:dell:fc630:-:*:*:*:*:*:*:*

Configuration 11

AND
cpe:2.3:o:dell:fc430_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:dell:fc430:-:*:*:*:*:*:*:*

Configuration 12

AND
cpe:2.3:o:dell:m830_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:dell:m830:-:*:*:*:*:*:*:*

Configuration 13

AND
cpe:2.3:o:dell:m830p_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:dell:m830p:-:*:*:*:*:*:*:*

Configuration 14

AND
cpe:2.3:o:dell:fc830_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:dell:fc830:-:*:*:*:*:*:*:*

Configuration 15

AND
cpe:2.3:o:dell:t630_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:dell:t630:-:*:*:*:*:*:*:*

Configuration 16

AND
cpe:2.3:o:dell:r530_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:dell:r530:-:*:*:*:*:*:*:*

Configuration 17

AND
cpe:2.3:o:dell:r430_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:dell:r430:-:*:*:*:*:*:*:*

Configuration 18

AND
cpe:2.3:o:dell:t430_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:dell:t430:-:*:*:*:*:*:*:*

Configuration 19

AND
cpe:2.3:o:dell:r830_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:dell:r830:-:*:*:*:*:*:*:*

Configuration 20

AND
cpe:2.3:o:dell:c6320_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:dell:c6320:-:*:*:*:*:*:*:*

History

21 Nov 2024, 06:47

Type | Values Removed | Values Added
References | () https://www.dell.com/support/kbdoc/000197971 - Vendor Advisory | () https://www.dell.com/support/kbdoc/000197971 - Vendor Advisory
CVSS | v2 : 3.6, v3 : 6.0 | v2 : 3.6, v3 : 5.7

Information

Published : 2022-04-21 21:15

Updated : 2024-11-21 06:47


NVD link : CVE-2022-22558

Mitre link : CVE-2022-22558

CVE.ORG link : CVE-2022-22558



Products Affected

dell

  • c6320
  • r630_firmware
  • t630
  • c4130
  • r6415
  • r830_firmware
  • c4130_firmware
  • r830
  • fc830_firmware
  • r630
  • r730_firmware
  • t430_firmware
  • fc430
  • m630
  • r6415_firmware
  • r7415_firmware
  • fc430_firmware
  • fc830
  • r530
  • m830
  • m830p_firmware
  • r7425_firmware
  • m830_firmware
  • m830p
  • r7425
  • fc630_firmware
  • r730xd
  • c6320_firmware
  • r430
  • r530_firmware
  • m630p
  • fc630
  • r730xd_firmware
  • t430
  • r7415
  • m630p_firmware
  • r730
  • r430_firmware
  • t630_firmware
  • m630_firmware
CWE
CWE-119

Improper Restriction of Operations within the Bounds of a Memory Buffer