Vulnerability Description
Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user may potentially exploit this vulnerability by using an SMI to gain arbitrary code execution during SMM.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Dell | Dell G5 5505 Firmware | < 1.10.0 |
| Dell | Dell G5 5505 | - |
| Dell | Inspiron 22-3275 Firmware | < 1.8.0 |
| Dell | Inspiron 22-3275 | - |
| Dell | Inspiron 24-3475 Firmware | < 1.8.0 |
| Dell | Inspiron 24-3475 | - |
| Dell | Inspiron 27 7775 Firmware | < 2.15.0 |
| Dell | Inspiron 27 7775 | - |
| Dell | Inspiron 3180 Firmware | < 1.4.4 |
| Dell | Inspiron 3180 | - |
| Dell | Inspiron 3185 Firmware | < 1.4.4 |
| Dell | Inspiron 3185 | - |
| Dell | Inspiron 3195 Firmware | < 1.4.1 |
| Dell | Inspiron 3195 | - |
| Dell | Inspiron 3505 Firmware | < 1.5.0 |
| Dell | Inspiron 3505 | - |
| Dell | Inspiron 3515 Firmware | < 1.4.0 |
| Dell | Inspiron 3515 | - |
| Dell | Inspiron 3585 Firmware | < 1.6.0 |
| Dell | Inspiron 3585 | - |
Related Weaknesses (CWE)
References
- https://www.dell.com/support/kbdoc/en-us/000199285/dsa-2022-095Vendor Advisory
- https://www.dell.com/support/kbdoc/en-us/000199285/dsa-2022-095Vendor Advisory
FAQ
What is CVE-2022-24418?
CVE-2022-24418 is a vulnerability with a CVSS score of 7.5 (HIGH). Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user may potentially exploit this vulnerability by using an SMI to gain arbitrary code execution during S...
How severe is CVE-2022-24418?
CVE-2022-24418 has been rated HIGH with a CVSS base score of 7.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2022-24418?
Check the references section above for vendor advisories and patch information. Affected products include: Dell Dell G5 5505 Firmware, Dell Dell G5 5505, Dell Inspiron 22-3275 Firmware, Dell Inspiron 22-3275, Dell Inspiron 24-3475 Firmware.