DSA-2023-008: Dell Client Security Update for Dell Client BIOS

Summary: Dell Client Consumer and Commercial platform remediation is available for a Client BIOS vulnerability that may be exploited by malicious users to compromise the affected systems.

This article applies to This article does not apply to This article is not tied to any specific product. Not all product versions are identified in this article.
Check out other resources

Impact

High

Details

Proprietary Code CVEs Description CVSS Base Score CVSS Vector String
CVE-2022-34463 Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user with administrative privileges could potentially exploit this vulnerability to perform arbitrary code execution.
7.5
CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H

See the table below for Dell Client BIOS releases containing resolutions to these vulnerabilities. Dell Technologies recommends all customers update at the earliest opportunity.

Go to the Drivers & Downloads site for updates on the applicable products. To learn more, see Dell KB article Dell BIOS Updates, and download the update for your Dell system.

Customers may use one of the Dell notification solutions to be notified and download driver, BIOS, and firmware updates automatically once available.
Proprietary Code CVEs Description CVSS Base Score CVSS Vector String
CVE-2022-34463 Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user with administrative privileges could potentially exploit this vulnerability to perform arbitrary code execution.
7.5
CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H

See the table below for Dell Client BIOS releases containing resolutions to these vulnerabilities. Dell Technologies recommends all customers update at the earliest opportunity.

Go to the Drivers & Downloads site for updates on the applicable products. To learn more, see Dell KB article Dell BIOS Updates, and download the update for your Dell system.

Customers may use one of the Dell notification solutions to be notified and download driver, BIOS, and firmware updates automatically once available.
Dell Technologies recommends all customers consider both the CVSS base score and any relevant temporal and environmental scores that may impact the potential severity associated with a particular security vulnerability.

Affected Products & Remediation

Product BIOS Update Version BIOS Release Date
(MM/DD/YYYY)
Dell Latitude 3480 1.23.0 12/21/2022
Dell Latitude 3580 1.23.0 12/21/2022
Edge Gateway 3000 series 1.11.0 12/13/2022
Edge Gateway 5000 1.21.0 12/13/2022
Embedded Box PC 3000 1.17.0 12/13/2022
Embedded Box PC 5000 1.18.0 12/13/2022
Inspiron 3481 1.20.0 12/13/2022
Inspiron 3581 1.20.0 12/13/2022
Inspiron 3581 1.20.0 12/13/2022
Inspiron 3781 1.20.0 12/13/2022
Inspiron 5570 1.12.0 12/14/2022
Inspiron 5770 1.12.0 12/14/2022
Latitude 13 3380 1.21.0 12/21/2022
Latitude 3180 1.21.0 12/20/2022
Latitude 3189 1.21.0 12/20/2022
Latitude 3190 1.24.0 12/20/2022
Latitude 3190 2-in-1 1.24.0 12/20/2022
Latitude 3300 1.19.0 12/21/2022
Latitude 3390 2-in-1 1.23.1 12/21/2022
Latitude 3490 1.23.0 12/14/2022
Latitude 3590 1.23.0 12/14/2022
Latitude 5280 1.28.0 12/20/2022
Latitude 5285 2-in-1 1.21.0 12/20/2022
Latitude 5288 1.28.0 12/20/2022
Latitude 5289 1.31.0 12/20/2022
Latitude 5290 1.26.0 12/20/2022
Latitude 5290 2-in-1 1.24.0 12/20/2022
Latitude 5400 1.22.1 12/26/2022
Latitude 5414 Rugged 1.39.0 12/09/2022
Latitude 5420 Rugged 1.22.0 12/09/2022
Latitude 5424 Rugged 1.22.0 12/09/2022
Latitude 5480 1.28.0 12/20/2022
Latitude 5488 1.28.0 12/20/2022
Latitude 5490 1.26.0 12/20/2022
Latitude 5580 1.28.0 12/20/2022
Latitude 5590 1.26.0 12/20/2022
Latitude 7212 Rugged Extreme Tablet 1.42.0 12/09/2022
Latitude 7214 Rugged Extreme 1.39.0 12/09/2022
Latitude 7275 2-in-1 1.18.0 12/20/2022
Latitude 7280 1.29.0 12/20/2022
Latitude 7285 2-in-1 1.19.0 12/20/2022
Latitude 7290 1.30.0 12/22/2022
Latitude 7370 1.32.3 12/20/2022
Latitude 7380 1.29.0 12/20/2022
Latitude 7389 1.31.0 12/20/2022
Latitude 7390 1.30.0 12/22/2022
Latitude 7390 2-in-1 1.28.0 12/20/2022
Latitude 7414 Rugged Extreme 1.39.0 12/09/2022
Latitude 7424 Rugged Extreme 1.22.0 12/09/2022
Latitude 7480 1.29.0 12/20/2022
Latitude 7490 1.30.0 12/22/2022
OptiPlex 3050 1.23.0 12/22/2022
OptiPlex 3050 All-In-One 1.24.0 12/22/2022
OptiPlex 5050 1.23.0 12/22/2022
OptiPlex 5250 1.24.0 12/22/2022
OptiPlex 7050 1.23.0 12/22/2022
OptiPlex 7450 1.24.0 12/22/2022
Precision 3420 Tower 2.24.0 12/21/2022
Precision 3520 1.28.0 12/20/2022
Precision 3620 Tower 2.24.0 12/21/2022
Precision 5520 1.31.0 12/20/2022
Precision 5530 2-in-1 1.22.8 12/14/2022
Precision 5720 All-In-One 2.17.0 12/21/2022
Precision 5820 Tower 2.24.0 12/13/2022
Precision 7510 1.30.3 12/20/2022
Precision 7520 1.28.0 12/20/2022
Precision 7710 1.30.3 12/20/2022
Precision 7720 1.28.0 12/20/2022
Vostro 3267 1.24.0 12/14/2022
Vostro 3268 1.24.0 12/14/2022
Vostro 3481 1.20.0 12/13/2022
Vostro 3581 1.20.0 12/13/2022
Vostro 3584 1.20.0 12/13/2022
Vostro 3667 1.24.0 12/14/2022
Vostro 3668 1.24.0 12/14/2022
Vostro 3669 1.24.0 12/14/2022
Wyse 5070 1.21.0 12/13/2022
Wyse 7040 Thin Client 1.19.0 12/13/2022
XPS 15 9575 2-in-1 1.24.0 12/14/2022
Product BIOS Update Version BIOS Release Date
(MM/DD/YYYY)
Dell Latitude 3480 1.23.0 12/21/2022
Dell Latitude 3580 1.23.0 12/21/2022
Edge Gateway 3000 series 1.11.0 12/13/2022
Edge Gateway 5000 1.21.0 12/13/2022
Embedded Box PC 3000 1.17.0 12/13/2022
Embedded Box PC 5000 1.18.0 12/13/2022
Inspiron 3481 1.20.0 12/13/2022
Inspiron 3581 1.20.0 12/13/2022
Inspiron 3581 1.20.0 12/13/2022
Inspiron 3781 1.20.0 12/13/2022
Inspiron 5570 1.12.0 12/14/2022
Inspiron 5770 1.12.0 12/14/2022
Latitude 13 3380 1.21.0 12/21/2022
Latitude 3180 1.21.0 12/20/2022
Latitude 3189 1.21.0 12/20/2022
Latitude 3190 1.24.0 12/20/2022
Latitude 3190 2-in-1 1.24.0 12/20/2022
Latitude 3300 1.19.0 12/21/2022
Latitude 3390 2-in-1 1.23.1 12/21/2022
Latitude 3490 1.23.0 12/14/2022
Latitude 3590 1.23.0 12/14/2022
Latitude 5280 1.28.0 12/20/2022
Latitude 5285 2-in-1 1.21.0 12/20/2022
Latitude 5288 1.28.0 12/20/2022
Latitude 5289 1.31.0 12/20/2022
Latitude 5290 1.26.0 12/20/2022
Latitude 5290 2-in-1 1.24.0 12/20/2022
Latitude 5400 1.22.1 12/26/2022
Latitude 5414 Rugged 1.39.0 12/09/2022
Latitude 5420 Rugged 1.22.0 12/09/2022
Latitude 5424 Rugged 1.22.0 12/09/2022
Latitude 5480 1.28.0 12/20/2022
Latitude 5488 1.28.0 12/20/2022
Latitude 5490 1.26.0 12/20/2022
Latitude 5580 1.28.0 12/20/2022
Latitude 5590 1.26.0 12/20/2022
Latitude 7212 Rugged Extreme Tablet 1.42.0 12/09/2022
Latitude 7214 Rugged Extreme 1.39.0 12/09/2022
Latitude 7275 2-in-1 1.18.0 12/20/2022
Latitude 7280 1.29.0 12/20/2022
Latitude 7285 2-in-1 1.19.0 12/20/2022
Latitude 7290 1.30.0 12/22/2022
Latitude 7370 1.32.3 12/20/2022
Latitude 7380 1.29.0 12/20/2022
Latitude 7389 1.31.0 12/20/2022
Latitude 7390 1.30.0 12/22/2022
Latitude 7390 2-in-1 1.28.0 12/20/2022
Latitude 7414 Rugged Extreme 1.39.0 12/09/2022
Latitude 7424 Rugged Extreme 1.22.0 12/09/2022
Latitude 7480 1.29.0 12/20/2022
Latitude 7490 1.30.0 12/22/2022
OptiPlex 3050 1.23.0 12/22/2022
OptiPlex 3050 All-In-One 1.24.0 12/22/2022
OptiPlex 5050 1.23.0 12/22/2022
OptiPlex 5250 1.24.0 12/22/2022
OptiPlex 7050 1.23.0 12/22/2022
OptiPlex 7450 1.24.0 12/22/2022
Precision 3420 Tower 2.24.0 12/21/2022
Precision 3520 1.28.0 12/20/2022
Precision 3620 Tower 2.24.0 12/21/2022
Precision 5520 1.31.0 12/20/2022
Precision 5530 2-in-1 1.22.8 12/14/2022
Precision 5720 All-In-One 2.17.0 12/21/2022
Precision 5820 Tower 2.24.0 12/13/2022
Precision 7510 1.30.3 12/20/2022
Precision 7520 1.28.0 12/20/2022
Precision 7710 1.30.3 12/20/2022
Precision 7720 1.28.0 12/20/2022
Vostro 3267 1.24.0 12/14/2022
Vostro 3268 1.24.0 12/14/2022
Vostro 3481 1.20.0 12/13/2022
Vostro 3581 1.20.0 12/13/2022
Vostro 3584 1.20.0 12/13/2022
Vostro 3667 1.24.0 12/14/2022
Vostro 3668 1.24.0 12/14/2022
Vostro 3669 1.24.0 12/14/2022
Wyse 5070 1.21.0 12/13/2022
Wyse 7040 Thin Client 1.19.0 12/13/2022
XPS 15 9575 2-in-1 1.24.0 12/14/2022

Revision History

RevisionDateDescription
1.02023-01-24Initial Release

Related Information

Dell Security Advisories and Notices
Dell Vulnerability Response Policy
CVSS Scoring Guide

Legal Disclaimer

Affected Products

Dell Edge Gateway 3000 Series, Dell Edge Gateway 5000, Dell Embedded Box PC 3000, Dell Embedded Box PC 5000, Inspiron 3481, Inspiron 3581, Inspiron 5570, Inspiron 3781, Inspiron 5770, Latitude 3180, Latitude 3189, Latitude 3190 2-in-1, Latitude 3190 , Latitude 5280/5288, Latitude 5285 2-in-1, Latitude 5289 2-in-1, Latitude 5290 2-in-1, Latitude 5290, Latitude 7212 Rugged Extreme Tablet, Latitude 7214 Rugged Extreme, Latitude 7280, Latitude 7285 2-in-1, Latitude 7290, Latitude 13 3380, Latitude 7370, Latitude 7380, Latitude 7389 2-in-1, Latitude 7390 2-in-1, Latitude 7390, Dell Latitude 3480/3488, Latitude 3490, Latitude 5400 Chromebook, Latitude 5400, Latitude 5420 Rugged, Latitude 5424 Rugged, Latitude 5480/5488, Latitude 5490, Latitude 7480, Latitude 7490, Dell Latitude 3580/3588, Latitude 3590, Latitude 5580, Latitude 5590, Latitude 7275, OptiPlex 3050 All-In-One, OptiPlex 3050 Tower, OptiPlex 5050 Tower, OptiPlex 7450 All-In-One, Precision 3520, Precision 5520, Precision 7520, Precision 7720, Precision 3260 Compact, Precision 7510, Precision 7710, Dell Precision Tower 3420, Product Security Information, Vostro 3481, Vostro 3581, Vostro 3584, Vostro 3267, Vostro 3268, Vostro 3668, Vostro 3669 ...
Article Properties
Article Number: 000207385
Article Type: Dell Security Advisory
Last Modified: 24 Jan 2023
Find answers to your questions from other Dell users
Support Services
Check if your device is covered by Support Services.