CVE-2022-26863

Prior Dell BIOS versions contain an Input Validation vulnerability. A locally authenticated malicious user could potentially exploit this vulnerability by sending malicious input to an SMI in order to bypass security controls in SMM.
Configurations

Configuration 1 (hide)

AND
cpe:2.3:o:dell:alienware_m15_r5_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:dell:alienware_m15_r5:-:*:*:*:*:*:*:*

Configuration 2 (hide)

AND
cpe:2.3:o:dell:g15_5515_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:dell:g15_5515:-:*:*:*:*:*:*:*

Configuration 3 (hide)

AND
cpe:2.3:o:dell:g5_se_5505_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:dell:g5_se_5505:-:*:*:*:*:*:*:*

Configuration 4 (hide)

AND
cpe:2.3:o:dell:inspiron_27_7775_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:dell:inspiron_27_7775:-:*:*:*:*:*:*:*

Configuration 5 (hide)

AND
cpe:2.3:o:dell:inspiron_14_5425_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:dell:inspiron_14_5425:-:*:*:*:*:*:*:*

Configuration 6 (hide)

AND
cpe:2.3:o:dell:inspiron_3275_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:dell:inspiron_3275:-:*:*:*:*:*:*:*

Configuration 7 (hide)

AND
cpe:2.3:o:dell:inspiron_3475_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:dell:inspiron_3475:-:*:*:*:*:*:*:*

Configuration 8 (hide)

AND
cpe:2.3:o:dell:inspiron_3180_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:dell:inspiron_3180:-:*:*:*:*:*:*:*

Configuration 9 (hide)

AND
cpe:2.3:o:dell:inspiron_3185_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:dell:inspiron_3185:-:*:*:*:*:*:*:*

Configuration 10 (hide)

AND
cpe:2.3:o:dell:inspiron_3195_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:dell:inspiron_3195:-:*:*:*:*:*:*:*

Configuration 11 (hide)

AND
cpe:2.3:o:dell:inspiron_3505_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:dell:inspiron_3505:-:*:*:*:*:*:*:*

Configuration 12 (hide)

AND
cpe:2.3:o:dell:inspiron_3515_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:dell:inspiron_3515:-:*:*:*:*:*:*:*

Configuration 13 (hide)

AND
cpe:2.3:o:dell:inspiron_3525_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:dell:inspiron_3525:-:*:*:*:*:*:*:*

Configuration 14 (hide)

AND
cpe:2.3:o:dell:inspiron_3585_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:dell:inspiron_3585:-:*:*:*:*:*:*:*

Configuration 15 (hide)

AND
cpe:2.3:o:dell:inspiron_3595_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:dell:inspiron_3595:-:*:*:*:*:*:*:*

Configuration 16 (hide)

AND
cpe:2.3:o:dell:inspiron_3785_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:dell:inspiron_3785:-:*:*:*:*:*:*:*

Configuration 17 (hide)

AND
cpe:2.3:o:dell:inspiron_5405_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:dell:inspiron_5405:-:*:*:*:*:*:*:*

Configuration 18 (hide)

AND
cpe:2.3:o:dell:inspiron_5415_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:dell:inspiron_5415:-:*:*:*:*:*:*:*

Configuration 19 (hide)

AND
cpe:2.3:o:dell:inspiron_5415_all-in-one_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:dell:inspiron_5415_all-in-one:-:*:*:*:*:*:*:*

Configuration 20 (hide)

AND
cpe:2.3:o:dell:inspiron_5485_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:dell:inspiron_5485:-:*:*:*:*:*:*:*

Configuration 21 (hide)

AND
cpe:2.3:o:dell:inspiron_5505_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:dell:inspiron_5505:-:*:*:*:*:*:*:*

Configuration 22 (hide)

AND
cpe:2.3:o:dell:inspiron_5515_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:dell:inspiron_5515:-:*:*:*:*:*:*:*

Configuration 23 (hide)

AND
cpe:2.3:o:dell:inspiron_5575_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:dell:inspiron_5575:-:*:*:*:*:*:*:*

Configuration 24 (hide)

AND
cpe:2.3:o:dell:inspiron_5585_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:dell:inspiron_5585:-:*:*:*:*:*:*:*

Configuration 25 (hide)

AND
cpe:2.3:o:dell:inspiron_7375_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:dell:inspiron_7375:-:*:*:*:*:*:*:*

Configuration 26 (hide)

AND
cpe:2.3:o:dell:inspiron_7405_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:dell:inspiron_7405:-:*:*:*:*:*:*:*

Configuration 27 (hide)

AND
cpe:2.3:o:dell:inspiron_7415_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:dell:inspiron_7415:-:*:*:*:*:*:*:*

Configuration 28 (hide)

AND
cpe:2.3:o:dell:inspiron_7425_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:dell:inspiron_7425:-:*:*:*:*:*:*:*

Configuration 29 (hide)

AND
cpe:2.3:o:dell:vostro_3405_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:dell:vostro_3405:-:*:*:*:*:*:*:*

Configuration 30 (hide)

AND
cpe:2.3:o:dell:vostro_3515_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:dell:vostro_3515:-:*:*:*:*:*:*:*

Configuration 31 (hide)

AND
cpe:2.3:o:dell:vostro_3525_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:dell:vostro_3525:-:*:*:*:*:*:*:*

Configuration 32 (hide)

AND
cpe:2.3:o:dell:vostro_5415_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:dell:vostro_5415:-:*:*:*:*:*:*:*

Configuration 33 (hide)

AND
cpe:2.3:o:dell:vostro_5515_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:dell:vostro_5515:-:*:*:*:*:*:*:*

Configuration 34 (hide)

AND
cpe:2.3:o:dell:vostro_5625_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:dell:vostro_5625:-:*:*:*:*:*:*:*

History

21 Nov 2024, 06:54

Type Values Removed Values Added
CVSS v2 : 7.2
v3 : 7.8
v2 : 7.2
v3 : 6.3
References () https://www.dell.com/support/kbdoc/en-us/000200568/dsa-2022-096 - Vendor Advisory () https://www.dell.com/support/kbdoc/en-us/000200568/dsa-2022-096 - Vendor Advisory

Information

Published : 2022-06-23 18:15

Updated : 2024-11-21 06:54


NVD link : CVE-2022-26863

Mitre link : CVE-2022-26863

CVE.ORG link : CVE-2022-26863


JSON object : View

Products Affected

dell

  • inspiron_3475_firmware
  • inspiron_3475
  • inspiron_5505
  • inspiron_14_5425
  • inspiron_5515
  • inspiron_5575_firmware
  • inspiron_7425
  • inspiron_3585
  • inspiron_7415
  • inspiron_3185
  • inspiron_27_7775
  • inspiron_5575
  • inspiron_3515
  • vostro_5415
  • vostro_3525
  • inspiron_3195_firmware
  • inspiron_5415_firmware
  • inspiron_3275_firmware
  • inspiron_3195
  • inspiron_5405_firmware
  • inspiron_3515_firmware
  • inspiron_5415_all-in-one_firmware
  • inspiron_7405_firmware
  • inspiron_27_7775_firmware
  • inspiron_3185_firmware
  • inspiron_5485_firmware
  • vostro_3405_firmware
  • inspiron_3275
  • inspiron_5405
  • inspiron_5415
  • inspiron_7375
  • inspiron_3525
  • inspiron_5505_firmware
  • inspiron_5485
  • inspiron_3505
  • inspiron_7375_firmware
  • vostro_5515
  • inspiron_3785_firmware
  • inspiron_5585_firmware
  • vostro_3525_firmware
  • inspiron_5415_all-in-one
  • inspiron_7405
  • vostro_5625
  • g5_se_5505_firmware
  • vostro_3515_firmware
  • inspiron_3180_firmware
  • inspiron_3525_firmware
  • alienware_m15_r5_firmware
  • inspiron_7415_firmware
  • inspiron_7425_firmware
  • vostro_5415_firmware
  • vostro_3515
  • inspiron_3785
  • g5_se_5505
  • vostro_3405
  • inspiron_5585
  • vostro_5515_firmware
  • inspiron_3505_firmware
  • inspiron_3595_firmware
  • inspiron_5515_firmware
  • inspiron_3595
  • g15_5515
  • inspiron_3180
  • vostro_5625_firmware
  • alienware_m15_r5
  • g15_5515_firmware
  • inspiron_3585_firmware
  • inspiron_14_5425_firmware
CWE
CWE-20

Improper Input Validation