Vulnerability Description
Dell PowerEdge Server BIOS and Dell Precision Workstation 7910 and 7920 Rack BIOS contain an Improper SMM communication buffer verification vulnerability. A Local High Privileged attacker could potentially exploit this vulnerability leading to arbitrary writes or denial of service.
CVSS Score
5.7 (MEDIUM)
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Dell | R6415 Firmware | < 1.18.0 |
| Dell | R6415 | - |
| Dell | R7415 Firmware | < 1.18.0 |
| Dell | R7415 | - |
| Dell | R7425 Firmware | < 1.18.0 |
| Dell | R7425 | - |
| Dell | R730 Firmware | < 2.14.0 |
| Dell | R730 | - |
| Dell | R730xd Firmware | < 2.14.0 |
| Dell | R730xd | - |
| Dell | R630 Firmware | < 2.14.0 |
| Dell | R630 | - |
| Dell | C4130 Firmware | < 2.14.0 |
| Dell | C4130 | - |
| Dell | M630 Firmware | < 2.14.0 |
| Dell | M630 | - |
| Dell | M630P Firmware | < 2.14.0 |
| Dell | M630P | - |
| Dell | FC630 Firmware | < 2.14.0 |
| Dell | FC630 | - |
Related Weaknesses (CWE)
References
- https://www.dell.com/support/kbdoc/000197971 (Vendor Advisory)
FAQ
What is CVE-2022-22558?
CVE-2022-22558 is a vulnerability with a CVSS score of 5.7 (MEDIUM). Dell PowerEdge Server BIOS and Dell Precision Workstation 7910 and 7920 Rack BIOS contain an Improper SMM communication buffer verification vulnerability. A Local High Privileged attacker could potent...
How severe is CVE-2022-22558?
CVE-2022-22558 has been rated MEDIUM with a CVSS base score of 5.7/10. Review the CVSS metrics above for a detailed severity breakdown.
Is there a patch for CVE-2022-22558?
Check the references section above for vendor advisories and patch information. Affected products include: Dell R6415 Firmware, Dell R6415, Dell R7415 Firmware, Dell R7415, Dell R7425 Firmware.