1. Home
  2. CVE Database
  3. CVE-2022-22567
MEDIUM · 4.7

CVE-2022-22567

Select Dell Client Commercial and Consumer platforms are vulnerable to an insufficient verification of data authenticity vulnerability. An authenticated malicious user may exploit this vulnerability i...

Vulnerability Description

Select Dell Client Commercial and Consumer platforms are vulnerable to an insufficient verification of data authenticity vulnerability. An authenticated malicious user may exploit this vulnerability in order to install modified BIOS firmware.

CVSS Score

4.7

MEDIUM

CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:H/A:L
Attack Vector
LOCAL
Attack Complexity
HIGH
Privileges Required
HIGH
User Interaction
NONE
Scope
UNCHANGED
Confidentiality
NONE
Integrity
HIGH
Availability
LOW

Affected Products

VendorProductVersions
DellAlienware Area 51M R1 Firmware< 1.16.0
DellAlienware Area 51M R1-
DellAlienware Area 51M R2 Firmware< 1.11.0
DellAlienware Area 51M R2-
DellAlienware M15 R3 Firmware< 1.12.0
DellAlienware M15 R3-
DellAlienware M15 R4 Firmware< 1.6.2
DellAlienware M15 R4-
DellAlienware M15 R6 Firmware< 1.6.0
DellAlienware M15 R6-
DellAlienware M17 R3 Firmware< 1.12.0
DellAlienware M17 R3-
DellAlienware M17 R4 Firmware< 1.6.2
DellAlienware M17 R4-
DellChengming 3990 Firmware< 1.6.0
DellChengming 3990-
DellChengming 3991 Firmware< 1.6.0
DellChengming 3991-
DellG15 5510 Firmware< 1.8.0
DellG15 5510-

Related Weaknesses (CWE)

CWE-345

References

FAQ

What is CVE-2022-22567?

CVE-2022-22567 is a vulnerability with a CVSS score of 4.7 (MEDIUM). Select Dell Client Commercial and Consumer platforms are vulnerable to an insufficient verification of data authenticity vulnerability. An authenticated malicious user may exploit this vulnerability i...

How severe is CVE-2022-22567?

CVE-2022-22567 has been rated MEDIUM with a CVSS base score of 4.7/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2022-22567?

Check the references section above for vendor advisories and patch information. Affected products include: Dell Alienware Area 51M R1 Firmware, Dell Alienware Area 51M R1, Dell Alienware Area 51M R2 Firmware, Dell Alienware Area 51M R2, Dell Alienware M15 R3 Firmware.