Article Number: 000202772
High
Proprietary Code CVEs | Description | CVSS Base Score | CVSS Vector String |
CVE‑2022-32486 | Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user may potentially exploit this vulnerability by using an SMI to gain arbitrary code execution in SMRAM. | 7.5 |
CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H |
CVE-2022-32492 | Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user may potentially exploit this vulnerability by using an SMI to gain arbitrary code execution in SMRAM. | 7.5 |
CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H |
Proprietary Code CVEs | Description | CVSS Base Score | CVSS Vector String |
CVE‑2022-32486 | Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user may potentially exploit this vulnerability by using an SMI to gain arbitrary code execution in SMRAM. | 7.5 |
CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H |
CVE-2022-32492 | Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user may potentially exploit this vulnerability by using an SMI to gain arbitrary code execution in SMRAM. | 7.5 |
CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H |
Product | Affected Version | Updated Version | BIOS Release Date (MM-DD-YYYY) |
Precision 5820 Tower | Versions before 2.21.0 | 2.21.0 | 09-14-2022 |
Precision 7820 Tower | Versions before 2.25.0 | 2.25.0 | 09-14-2022 |
Precision 7920 Tower | Versions before 2.25.0 | 2.25.0 | 09-14-2022 |
Product | Affected Version | Updated Version | BIOS Release Date (MM-DD-YYYY) |
Precision 5820 Tower | Versions before 2.21.0 | 2.21.0 | 09-14-2022 |
Precision 7820 Tower | Versions before 2.25.0 | 2.25.0 | 09-14-2022 |
Precision 7920 Tower | Versions before 2.25.0 | 2.25.0 | 09-14-2022 |
Dell Technologies would like to thank yngweijw for reporting CVE‑2022-32486 and CVE-2022-32492.
Revision | Date | Description |
1.0 | 2022-09-22 | Initial Release |
Precision 5820 Tower, Precision 7820 Tower, Precision 7920 Tower, Product Security Information
22 Sep 2022
1
Dell Security Advisory