CVE-2022-34391

Dell Client BIOS Versions prior to the remediated version contain an improper input validation vulnerability. A local authenticated malicious user may potentially exploit this vulnerability by using an SMI to gain arbitrary code execution in SMRAM.
References
Link Resource
https://www.dell.com/support/kbdoc/000203882 Vendor Advisory
Configurations

Configuration 1 (hide)

AND
cpe:2.3:o:dell:alienware_area-51_r5_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:dell:alienware_area-51_r5:-:*:*:*:*:*:*:*

Configuration 2 (hide)

AND
cpe:2.3:o:dell:alienware_area-51_r4_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:dell:alienware_area-51_r4:-:*:*:*:*:*:*:*

History

No history.

Information

Published : 2022-10-12 20:15

Updated : 2024-02-28 19:29


NVD link : CVE-2022-34391

Mitre link : CVE-2022-34391

CVE.ORG link : CVE-2022-34391


JSON object : View

Products Affected

dell

  • alienware_area-51_r5
  • alienware_area-51_r4
  • alienware_area-51_r5_firmware
  • alienware_area-51_r4_firmware
CWE
NVD-CWE-noinfo CWE-119

Improper Restriction of Operations within the Bounds of a Memory Buffer