Vulnerability Description
Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user with admin privileges may potentially exploit this vulnerability in order to modify a UEFI variable.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Dell | Alienware M15 R6 Firmware | < 1.17.0 |
| Dell | Alienware M15 R6 | - |
| Dell | Alienware M15 R7 Firmware | < 1.10.0 |
| Dell | Alienware M15 R7 | - |
| Dell | Chengming 3900 Firmware | < 1.7.3 |
| Dell | Chengming 3900 | - |
| Dell | G15 5510 Firmware | < 1.16.0 |
| Dell | G15 5510 | - |
| Dell | G15 5511 Firmware | < 1.18.0 |
| Dell | G15 5511 | - |
| Dell | G15 5520 Firmware | < 1.10.0 |
| Dell | G15 5520 | - |
| Dell | G16 7620 Firmware | < 1.12.0 |
| Dell | G16 7620 | - |
| Dell | G3 3500 Firmware | < 1.20.0 |
| Dell | G3 3500 | - |
| Dell | G5 15 5500 Firmware | < 1.20.0 |
| Dell | G5 15 5500 | - |
| Dell | G7 15 7500 Firmware | < 1.19.0 |
| Dell | G7 15 7500 | - |
Related Weaknesses (CWE)
References
- https://www.dell.com/support/kbdoc/en-us/000205717/dsa-2022-326Vendor Advisory
- https://www.dell.com/support/kbdoc/en-us/000205717/dsa-2022-326Vendor Advisory
FAQ
What is CVE-2022-32482?
CVE-2022-32482 is a vulnerability with a CVSS score of 5.6 (MEDIUM). Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user with admin privileges may potentially exploit this vulnerability in order to modify a UEFI variable...
How severe is CVE-2022-32482?
CVE-2022-32482 has been rated MEDIUM with a CVSS base score of 5.6/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2022-32482?
Check the references section above for vendor advisories and patch information. Affected products include: Dell Alienware M15 R6 Firmware, Dell Alienware M15 R6, Dell Alienware M15 R7 Firmware, Dell Alienware M15 R7, Dell Chengming 3900 Firmware.