CVE-2022-22566 — MEDIUM (6.9)

Q: How severe is CVE-2022-22566?

CVE-2022-22566 has been rated MEDIUM with a CVSS base score of 6.9/10. Review the CVSS metrics above for detailed severity breakdown.

Q: Is there a patch for CVE-2022-22566?

Check the references section above for vendor advisories and patch information. Affected products include: Dell Alienware Area 51M R1 Firmware, Dell Alienware Area 51M R1, Dell Alienware Area 51M R2 Firmware, Dell Alienware Area 51M R2, Dell Alienware M15 R3 Firmware.

Vulnerability Description

Select Dell Client Commercial and Consumer platforms contain a pre-boot direct memory access (DMA) vulnerability. An authenticated attacker with physical access to the system may potentially exploit this vulnerability in order to execute arbitrary code on the device.

CVSS Score

6.9

MEDIUM

CVSS:3.1/AV:P/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H

Attack Vector

PHYSICAL

Attack Complexity

HIGH

Privileges Required

HIGH

User Interaction

NONE

Scope

CHANGED

Confidentiality

HIGH

Integrity

HIGH

Availability

HIGH

Affected Products

Vendor	Product	Versions
Dell	Alienware Area 51M R1 Firmware	< 1.16.0
Dell	Alienware Area 51M R1	-
Dell	Alienware Area 51M R2 Firmware	< 1.11.0
Dell	Alienware Area 51M R2	-
Dell	Alienware M15 R3 Firmware	< 1.12.0
Dell	Alienware M15 R3	-
Dell	Alienware M15 R4 Firmware	< 1.6.2
Dell	Alienware M15 R4	-
Dell	Alienware M15 R6 Firmware	< 1.6.0
Dell	Alienware M15 R6	-
Dell	Alienware M17 R3 Firmware	< 1.12.0
Dell	Alienware M17 R3	-
Dell	Alienware M17 R4 Firmware	< 1.6.2
Dell	Alienware M17 R4	-
Dell	Chengming 3990 Firmware	< 1.6.0
Dell	Chengming 3990	-
Dell	Chengming 3991 Firmware	< 1.6.0
Dell	Chengming 3991	-
Dell	G15 5510 Firmware	< 1.8.0
Dell	G15 5510	-

Related Weaknesses (CWE)

CWE-1190

References

https://www.dell.com/support/kbdoc/en-us/000195905/dsa-2022-028Vendor Advisory
https://www.dell.com/support/kbdoc/en-us/000195905/dsa-2022-028Vendor Advisory

FAQ

What is CVE-2022-22566?

CVE-2022-22566 is a vulnerability with a CVSS score of 6.9 (MEDIUM). Select Dell Client Commercial and Consumer platforms contain a pre-boot direct memory access (DMA) vulnerability. An authenticated attacker with physical access to the system may potentially exploit t...

How severe is CVE-2022-22566?

CVE-2022-22566 has been rated MEDIUM with a CVSS base score of 6.9/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2022-22566?

Check the references section above for vendor advisories and patch information. Affected products include: Dell Alienware Area 51M R1 Firmware, Dell Alienware Area 51M R1, Dell Alienware Area 51M R2 Firmware, Dell Alienware Area 51M R2, Dell Alienware M15 R3 Firmware.