Vulnerability Description
Prior Dell BIOS versions contain an Improper Authentication vulnerability. An unauthenticated attacker with physical access to the system could potentially exploit this vulnerability by bypassing drive security mechanisms in order to gain access to the system.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Dell | Chengming 3980 Firmware | < 2.23.0 |
| Dell | Chengming 3980 | - |
| Dell | Chengming 3990 Firmware | < 1.11.0 |
| Dell | Chengming 3990 | - |
| Dell | Chengming 3991 Firmware | < 1.11.0 |
| Dell | Chengming 3991 | - |
| Dell | G3 3579 Firmware | < 1.21.0 |
| Dell | G3 3579 | - |
| Dell | G3 3779 Firmware | < 1.21.0 |
| Dell | G3 3779 | - |
| Dell | G5 5587 Firmware | < 1.21.0 |
| Dell | G5 5587 | - |
| Dell | G5 5000 Firmware | < 1.7.0 |
| Dell | G5 5000 | - |
| Dell | G5 5090 Firmware | < 1.14.0 |
| Dell | G5 5090 | - |
| Dell | G7 7588 Firmware | < 1.21.0 |
| Dell | G7 7588 | - |
| Dell | Inspiron 3470 Firmware | < 2.23.0 |
| Dell | Inspiron 3470 | - |
Related Weaknesses (CWE)
References
- https://www.dell.com/support/kbdoc/000201396Vendor Advisory
- https://www.dell.com/support/kbdoc/000201396Vendor Advisory
FAQ
What is CVE-2022-29083?
CVE-2022-29083 is a vulnerability with a CVSS score of 6.8 (MEDIUM). Prior Dell BIOS versions contain an Improper Authentication vulnerability. An unauthenticated attacker with physical access to the system could potentially exploit this vulnerability by bypassing driv...
How severe is CVE-2022-29083?
CVE-2022-29083 has been rated MEDIUM with a CVSS base score of 6.8/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2022-29083?
Check the references section above for vendor advisories and patch information. Affected products include: Dell Chengming 3980 Firmware, Dell Chengming 3980, Dell Chengming 3990 Firmware, Dell Chengming 3990, Dell Chengming 3991 Firmware.