Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2022-34400

Dell BIOS contains a heap buffer overflow vulnerability. A local attacker with admin privileges could potentially exploit this vulnerability to perform an arbitrary write to SMRAM during SMM.

Security Impact Summary

This vulnerability carries a HIGH severity rating with a CVSS v3.1 score of 7.1, requiring local system access to exploit with relatively low complexity without requiring user interaction requiring only low-level privileges . The vulnerability impacts integrity (unauthorized modifications), and availability (service disruption) for affected systems. Impacting 166 products from dell, from dell, from dell and 163 others, organizations running these solutions should prioritize assessment and patching.

Historical Context

Reported in 2023, this vulnerability emerged during an era marked by increased sophistication in supply chain attacks, cloud infrastructure vulnerabilities, and software-as-a-service (SaaS) security challenges. Security practices during this period emphasized zero-trust architectures, container security, and API protection.

Published

2023-02-01T05:15:12.173

Last Modified

2024-11-21T07:09:26.667

Status

Modified

Source

[email protected]

Severity

CVSSv3.1: 7.1 (HIGH)

Weaknesses

Type: Secondary
CWE-122
Type: Primary
CWE-787

Affected Vendors & Products

Type	Vendor	Product	Version/Range	Vulnerable?
Operating System	dell	alienware_m15_r6_firmware	< 1.17.0	Yes
Hardware	dell	alienware_m15_r6	-	No
Operating System	dell	alienware_m15_r7_firmware	< 1.4.3	Yes
Hardware	dell	alienware_m15_r7	-	No
Operating System	dell	alienware_m15_ryzen_edition_r5_firmware	< 1.8.0	Yes
Hardware	dell	alienware_m15_ryzen_edition_r5	-	No
Operating System	dell	alienware_m17_r5_amd_firmware	< 1.4.3	Yes
Hardware	dell	alienware_m17_r5_amd	-	No
Operating System	dell	g15_5510_firmware	< 1.16.0	Yes
Hardware	dell	g15_5510	-	No
Operating System	dell	g15_5511_firmware	< 1.18.0	Yes
Hardware	dell	g15_5511	-	No
Operating System	dell	g15_5515_firmware	< 1.8.0	Yes
Hardware	dell	g15_5515	-	No
Operating System	dell	g15_5525_firmware	< 1.4.3	Yes
Hardware	dell	g15_5525	-	No
Operating System	dell	g5_se_5505_firmware	< 1.13.0	Yes
Hardware	dell	g5_se_5505	-	No
Operating System	dell	inspiron_14_5410_2-in-1_firmware	< 2.15.2	Yes
Hardware	dell	inspiron_14_5410_2-in-1	-	No
Operating System	dell	inspiron_15_3511_firmware	< 1.18.2	Yes
Hardware	dell	inspiron_15_3511	-	No
Operating System	dell	inspiron_3195_2-in-1_firmware	< 1.6.0	Yes
Hardware	dell	inspiron_3195_2-in-1	-	No
Operating System	dell	inspiron_3275_firmware	< 1.9.2	Yes
Hardware	dell	inspiron_3275	-	No
Operating System	dell	inspiron_3475_firmware	< 1.9.2	Yes
Hardware	dell	inspiron_3475	-	No
Operating System	dell	inspiron_3505_firmware	< 1.9.0	Yes
Hardware	dell	inspiron_3505	-	No
Operating System	dell	inspiron_3515_firmware	< 1.9.0	Yes
Hardware	dell	inspiron_3515	-	No
Operating System	dell	inspiron_3525_firmware	< 1.5.0	Yes
Hardware	dell	inspiron_3525	-	No
Operating System	dell	inspiron_3585_firmware	< 1.10.0	Yes
Hardware	dell	inspiron_3585	-	No
Operating System	dell	inspiron_3595_firmware	< 1.5.0	Yes
Hardware	dell	inspiron_3595	-	No
Operating System	dell	inspiron_3785_firmware	< 1.10.0	Yes
Hardware	dell	inspiron_3785	-	No
Operating System	dell	inspiron_3891_firmware	< 1.12.0	Yes
Hardware	dell	inspiron_3891	-	No
Operating System	dell	inspiron_5310_firmware	< 2.15.0	Yes
Hardware	dell	inspiron_5310	-	No
Operating System	dell	inspiron_5405_firmware	< 1.9.0	Yes
Hardware	dell	inspiron_5405	-	No
Operating System	dell	inspiron_5410_firmware	< 2.14.0	Yes
Hardware	dell	inspiron_5410	-	No
Operating System	dell	inspiron_5415_firmware	< 1.13.0	Yes
Hardware	dell	inspiron_5415	-	No
Operating System	dell	inspiron_5425_firmware	< 1.5.0	Yes
Hardware	dell	inspiron_5425	-	No
Operating System	dell	inspiron_5485_firmware	< 2.11.0	Yes
Hardware	dell	inspiron_5485	-	No
Operating System	dell	inspiron_5485_2-in-1_firmware	< 2.11.0	Yes
Hardware	dell	inspiron_5485_2-in-1	-	No
Operating System	dell	inspiron_5505_firmware	< 1.9.0	Yes
Hardware	dell	inspiron_5505	-	No
Operating System	dell	inspiron_5510_firmware	< 2.15.2	Yes
Hardware	dell	inspiron_5510	-	No
Operating System	dell	inspiron_5515_firmware	< 1.13.0	Yes
Hardware	dell	inspiron_5515	-	No
Operating System	dell	inspiron_5585_firmware	< 2.11.0	Yes
Hardware	dell	inspiron_5585	-	No
Operating System	dell	inspiron_7405_2-in-1_firmware	< 1.10.1	Yes
Hardware	dell	inspiron_7405_2-in-1	-	No
Operating System	dell	inspiron_7415_firmware	< 1.13.0	Yes
Hardware	dell	inspiron_7415	-	No
Operating System	dell	inspiron_7425_firmware	< 1.5.0	Yes
Hardware	dell	inspiron_7425	-	No
Operating System	dell	inspiron_7510_firmware	< 1.12.0	Yes
Hardware	dell	inspiron_7510	-	No
Operating System	dell	inspiron_7610_firmware	< 1.12.0	Yes
Hardware	dell	inspiron_7610	-	No
Operating System	dell	latitude_3320_firmware	< 1.18.2	Yes
Hardware	dell	latitude_3320	-	No
Operating System	dell	latitude_3420_firmware	< 1.23.2	Yes
Hardware	dell	latitude_3420	-	No
Operating System	dell	latitude_3520_firmware	< 1.23.2	Yes
Hardware	dell	latitude_3520	-	No
Operating System	dell	latitude_5320_firmware	< 1.24.3	Yes
Hardware	dell	latitude_5320	-	No
Operating System	dell	latitude_5420_firmware	< 1.22.0	Yes
Hardware	dell	latitude_5420	-	No
Operating System	dell	latitude_5520_firmware	< 1.24.3	Yes
Hardware	dell	latitude_5520	-	No
Operating System	dell	latitude_5521_firmware	< 1.17.3	Yes
Hardware	dell	latitude_5521	-	No
Operating System	dell	latitude_7320_firmware	< 1.20.0	Yes
Hardware	dell	latitude_7320	-	No
Operating System	dell	latitude_7320_detachable_firmware	< 1.17.2	Yes
Hardware	dell	latitude_7320_detachable	-	No
Operating System	dell	latitude_7420_firmware	< 1.20.0	Yes
Hardware	dell	latitude_7420	-	No
Operating System	dell	latitude_7520_firmware	< 1.20.0	Yes
Hardware	dell	latitude_7520	-	No
Operating System	dell	latitude_9420_firmware	< 1.16.2	Yes
Hardware	dell	latitude_9420	-	No
Operating System	dell	latitude_9520_firmware	< 1.17.0	Yes
Hardware	dell	latitude_9520	-	No
Operating System	dell	latitude_rugged_5430_firmware	< 1.12.0	Yes
Hardware	dell	latitude_rugged_5430	-	No
Operating System	dell	latitude_rugged_7330_firmware	< 1.12.0	Yes
Hardware	dell	latitude_rugged_7330	-	No
Operating System	dell	latitude_5421_firmware	< 1.15.0	Yes
Hardware	dell	latitude_5421	-	No
Operating System	dell	optiplex_5090_firmware	< 1.12.0	Yes
Hardware	dell	optiplex_5090	-	No
Operating System	dell	optiplex_5490_all-in-one_firmware	< 1.15.0	Yes
Hardware	dell	optiplex_5490_all-in-one	-	No
Operating System	dell	optiplex_7090_tower_firmware	< 1.12.0	Yes
Hardware	dell	optiplex_7090_tower	-	No
Operating System	dell	optiplex_7090_ultra_firmware	< 1.15.0	Yes
Hardware	dell	optiplex_7090_ultra	-	No
Operating System	dell	optiplex_7090_aio_firmware	< 1.15.0	Yes
Hardware	dell	optiplex_7090_aio	-	No
Operating System	dell	precision_3450_firmware	< 1.12.0	Yes
Hardware	dell	precision_3450	-	No
Operating System	dell	precision_3560_firmware	< 1.24.3	Yes
Hardware	dell	precision_3560	-	No
Operating System	dell	precision_3561_firmware	< 1.17.3	Yes
Hardware	dell	precision_3561	-	No
Operating System	dell	precision_3650_tower_firmware	< 1.16.0	Yes
Hardware	dell	precision_3650_tower	-	No
Operating System	dell	precision_5560_firmware	< 1.15.2	Yes
Hardware	dell	precision_5560	-	No
Operating System	dell	precision_5760_firmware	< 1.15.2	Yes
Hardware	dell	precision_5760	-	No
Operating System	dell	precision_7560_firmware	< 1.16.0	Yes
Hardware	dell	precision_7560	-	No
Operating System	dell	precision_7760_firmware	< 1.16.0	Yes
Hardware	dell	precision_7760	-	No
Operating System	dell	vostro_3405_firmware	< 1.9.0	Yes
Hardware	dell	vostro_3405	-	No
Operating System	dell	vostro_3425_firmware	< 1.5.0	Yes
Hardware	dell	vostro_3425	-	No
Operating System	dell	vostro_3510_firmware	< 1.18.2	Yes
Hardware	dell	vostro_3510	-	No
Operating System	dell	vostro_3515_firmware	< 1.9.0	Yes
Hardware	dell	vostro_3515	-	No
Operating System	dell	vostro_3525_firmware	< 1.5.0	Yes
Hardware	dell	vostro_3525	-	No
Operating System	dell	vostro_3690_firmware	< 1.12.0	Yes
Hardware	dell	vostro_3690	-	No
Operating System	dell	vostro_3890_firmware	< 1.12.0	Yes
Hardware	dell	vostro_3890	-	No
Operating System	dell	vostro_5310_firmware	< 2.15.0	Yes
Hardware	dell	vostro_5310	-	No
Operating System	dell	vostro_5410_firmware	< 2.15.2	Yes
Hardware	dell	vostro_5410	-	No
Operating System	dell	vostro_5415_firmware	< 1.13.0	Yes
Hardware	dell	vostro_5415	-	No
Operating System	dell	vostro_5510_firmware	< 2.15.2	Yes
Hardware	dell	vostro_5510	-	No
Operating System	dell	vostro_5515_firmware	< 1.13.0	Yes
Hardware	dell	vostro_5515	-	No
Operating System	dell	vostro_5625_firmware	< 1.5.0	Yes
Hardware	dell	vostro_5625	-	No
Operating System	dell	vostro_5890_firmware	< 1.12.0	Yes
Hardware	dell	vostro_5890	-	No
Operating System	dell	vostro_7510_firmware	< 1.12.0	Yes
Hardware	dell	vostro_7510	-	No
Operating System	dell	xps_15_9510_firmware	< 1.15.2	Yes
Hardware	dell	xps_15_9510	-	No
Operating System	dell	xps_17_9710_firmware	< 1.15.2	Yes
Hardware	dell	xps_17_9710	-	No

References

https://www.dell.com/support/kbdoc/en-us/000205716/dsa-2022-327 Vendor Advisory ([email protected])
https://www.dell.com/support/kbdoc/en-us/000205716/dsa-2022-327 Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)

How SecUtils Interprets This CVE

SecUtils normalizes and enriches National Vulnerability Database (NVD) records by standardizing vendor and product identifiers, aggregating vulnerability metadata from both NVD and MITRE sources, and providing structured context for security teams. For dell's affected products, we extract Common Platform Enumeration (CPE) data, Common Weakness Enumeration (CWE) classifications, CVSS severity metrics, and reference data to enable rapid vulnerability prioritization and asset correlation. This record contains no exploit code, proof-of-concept instructions, or attack methodologies—only defensive intelligence necessary for patch management, risk assessment, and security operations.