1. Home
  2. CVE Database
  3. CVE-2022-24410
MEDIUM · 6.8

CVE-2022-24410

Dell BIOS contains an information exposure vulnerability. An unauthenticated local attacker with physical access to the system and knowledge of the system configuration could potentially exploit this...

Vulnerability Description

Dell BIOS contains an information exposure vulnerability. An unauthenticated local attacker with physical access to the system and knowledge of the system configuration could potentially exploit this vulnerability to read system information via debug interfaces.

CVSS Score

6.8

MEDIUM

CVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:C/C:N/I:H/A:H
Attack Vector
PHYSICAL
Attack Complexity
HIGH
Privileges Required
NONE
User Interaction
NONE
Scope
CHANGED
Confidentiality
NONE
Integrity
HIGH
Availability
HIGH

Affected Products

VendorProductVersions
DellAlienware 13 R2 Firmware< 1.13.1
DellAlienware 13 R2-
DellAlienware 13 R3 Firmware< 1.12.2
DellAlienware 13 R3-
DellAlienware 15 R2 Firmware< 1.13.1
DellAlienware 15 R2-
DellAlienware 15 R3 Firmware< 1.12.2
DellAlienware 15 R3-
DellAlienware 15 R4 Firmware< 1.13.2
DellAlienware 15 R4-
DellAlienware 17 R3 Firmware< 1.13.1
DellAlienware 17 R3-
DellAlienware 17 R4 Firmware< 1.12.2
DellAlienware 17 R4-
DellAlienware 17 R5 Firmware< 1.13.2
DellAlienware 17 R5-
DellAlienware Area 51M R1 Firmware< 1.15.1
DellAlienware Area 51M R1-
DellAlienware Area 51M R2 Firmware< 1.8.0
DellAlienware Area 51M R2-

Related Weaknesses (CWE)

CWE-312CWE-200

References

FAQ

What is CVE-2022-24410?

CVE-2022-24410 is a vulnerability with a CVSS score of 6.8 (MEDIUM). Dell BIOS contains an information exposure vulnerability. An unauthenticated local attacker with physical access to the system and knowledge of the system configuration could potentially exploit this...

How severe is CVE-2022-24410?

CVE-2022-24410 has been rated MEDIUM with a CVSS base score of 6.8/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2022-24410?

Check the references section above for vendor advisories and patch information. Affected products include: Dell Alienware 13 R2 Firmware, Dell Alienware 13 R2, Dell Alienware 13 R3 Firmware, Dell Alienware 13 R3, Dell Alienware 15 R2 Firmware.