DSA-2023-050: Dell Client Platform Security Update for an AMI UEFI BIOS Vulnerability
Summary: Dell Client Platform BIOS remediation is available for a UEFI BIOS vulnerability that could be exploited by malicious users to compromise the affected system.
This article applies to
This article does not apply to
This article is not tied to any specific product.
Not all product versions are identified in this article.
Impact
High
Details
| Third-party Component | CVEs | More information |
| AMI UEFI BIOS | CVE-2022-40262 | See NVD (http://nvd.nist.gov/ ) for individual scores for each CVE. |
See tables in the "Affected Products and Remediation" and "Additional Information" sections for Dell Client BIOS releases containing resolutions to these vulnerabilities. Dell Technologies recommends all customers update at the earliest opportunity.
Go to the Drivers & Downloads site for updates on the applicable products. To learn more, see Dell KB article Dell BIOS Updates, and download the update for your Dell system.
Customers may use one of the Dell notification solutions to be notified and download driver, BIOS, and firmware updates automatically once available.
| Third-party Component | CVEs | More information |
| AMI UEFI BIOS | CVE-2022-40262 | See NVD (http://nvd.nist.gov/) for individual scores for each CVE. |
See tables in the "Affected Products and Remediation" and "Additional Information" sections for Dell Client BIOS releases containing resolutions to these vulnerabilities. Dell Technologies recommends all customers update at the earliest opportunity.
Go to the Drivers & Downloads site for updates on the applicable products. To learn more, see Dell KB article Dell BIOS Updates, and download the update for your Dell system.
Customers may use one of the Dell notification solutions to be notified and download driver, BIOS, and firmware updates automatically once available.
Affected Products & Remediation
| Product | BIOS Update Version | BIOS Release Date |
| Alienware Area 51m R1 | 1.23.0 | 12/13/2022 |
| Alienware Aurora R10 | 2.3.3 | 12/07/2022 |
| Alienware Aurora R8 | 1.0.26 | 12/12/2022 |
| Alienware Aurora R9 | 1.0.23 | 12/12/2022 |
| Alienware m15 R2 | 1.19.0 | 12/13/2022 |
| Alienware m17 R2 | 1.19.0 | 12/13/2022 |
| Alienware m15 R1 | 2.16.0 | 12/13/2022 |
| Alienware m17 R1 | 2.16.0 | 12/13/2022 |
| ChengMing 3980 TOWER | 2.26.0 | 12/21/2022 |
| ChengMing 3988 | 1.13.0 | 12/19/2022 |
| Dell G3 3579 | 1.24.0 | 12/14/2022 |
| Dell G3 3779 | 1.24.0 | 12/14/2022 |
| Dell G5 5090 | 1.17.0 | 12/12/2022 |
| Dell Precision 3430 Tower | 1.22.0 | 12/12/2022 |
| Dell Precision 3431 Tower | 1.17.0 | 12/12/2022 |
| Dell Precision 3630 Tower | 2.18.0 | 12/13/2022 |
| Dell Precision 3930 Rack | 2.23.0 | 12/12/2022 |
| Dell Precision 7820 Tower | 2.28.0 | 12/12/2022 |
| Dell Precision 7820 Tower | 2.28.0 | 12/12/2022 |
| Dell Precision 7920 Tower | 2.28.0 | 12/12/2022 |
| Dell Precision 7920 Tower | 2.28.0 | 12/12/2022 |
| Edge Gateway 3000 series | 1.11.0 | 12/13/2022 |
| Edge Gateway 5000 (Commercial) | 1.21.0 | 12/13/2022 |
| Embedded Box PC 3000 | 1.17.0 | 12/13/2022 |
| Embedded Box PC 5000 | 1.18.0 | 12/13/2022 |
| Inspiron 3280 | 1.17.2 | 12/12/2022 |
| Inspiron 3470 | 2.26.0 | 12/21/2022 |
| Inspiron 3471 | 1.13.0 | 12/19/2022 |
| Inspiron 3480 | 1.22.1 | 01/18/2023 |
| Inspiron 3481 | 1.20.0 | 12/13/2022 |
| Inspiron 3482 | 1.17.0 | 12/13/2022 |
| Inspiron 3502 | 1.11.0 | 12/12/2022 |
| Inspiron 3580 | 1.22.1 | 01/18/2023 |
| Inspiron 3580 | 1.22.1 | 01/18/2023 |
| Inspiron 3581 | 1.20.0 | 12/13/2022 |
| Inspiron 3581 | 1.20.0 | 12/13/2022 |
| Inspiron 3582 | 1.17.0 | 12/13/2022 |
| Inspiron 3670 | 2.26.0 | 12/21/2022 |
| Inspiron 3671 | 1.13.0 | 12/19/2022 |
| Inspiron 3780 | 1.22.1 | 01/18/2023 |
| Inspiron 3781 | 1.20.0 | 12/13/2022 |
| Inspiron 3782 | 1.17.0 | 12/13/2022 |
| Inspiron 5570 | 1.12.0 | 12/14/2022 |
| Inspiron 5770 | 1.12.0 | 12/14/2022 |
See 'Additional Information' section for a continuation of the table.
| Product | BIOS Update Version | BIOS Release Date |
| Alienware Area 51m R1 | 1.23.0 | 12/13/2022 |
| Alienware Aurora R10 | 2.3.3 | 12/07/2022 |
| Alienware Aurora R8 | 1.0.26 | 12/12/2022 |
| Alienware Aurora R9 | 1.0.23 | 12/12/2022 |
| Alienware m15 R2 | 1.19.0 | 12/13/2022 |
| Alienware m17 R2 | 1.19.0 | 12/13/2022 |
| Alienware m15 R1 | 2.16.0 | 12/13/2022 |
| Alienware m17 R1 | 2.16.0 | 12/13/2022 |
| ChengMing 3980 TOWER | 2.26.0 | 12/21/2022 |
| ChengMing 3988 | 1.13.0 | 12/19/2022 |
| Dell G3 3579 | 1.24.0 | 12/14/2022 |
| Dell G3 3779 | 1.24.0 | 12/14/2022 |
| Dell G5 5090 | 1.17.0 | 12/12/2022 |
| Dell Precision 3430 Tower | 1.22.0 | 12/12/2022 |
| Dell Precision 3431 Tower | 1.17.0 | 12/12/2022 |
| Dell Precision 3630 Tower | 2.18.0 | 12/13/2022 |
| Dell Precision 3930 Rack | 2.23.0 | 12/12/2022 |
| Dell Precision 7820 Tower | 2.28.0 | 12/12/2022 |
| Dell Precision 7820 Tower | 2.28.0 | 12/12/2022 |
| Dell Precision 7920 Tower | 2.28.0 | 12/12/2022 |
| Dell Precision 7920 Tower | 2.28.0 | 12/12/2022 |
| Edge Gateway 3000 series | 1.11.0 | 12/13/2022 |
| Edge Gateway 5000 (Commercial) | 1.21.0 | 12/13/2022 |
| Embedded Box PC 3000 | 1.17.0 | 12/13/2022 |
| Embedded Box PC 5000 | 1.18.0 | 12/13/2022 |
| Inspiron 3280 | 1.17.2 | 12/12/2022 |
| Inspiron 3470 | 2.26.0 | 12/21/2022 |
| Inspiron 3471 | 1.13.0 | 12/19/2022 |
| Inspiron 3480 | 1.22.1 | 01/18/2023 |
| Inspiron 3481 | 1.20.0 | 12/13/2022 |
| Inspiron 3482 | 1.17.0 | 12/13/2022 |
| Inspiron 3502 | 1.11.0 | 12/12/2022 |
| Inspiron 3580 | 1.22.1 | 01/18/2023 |
| Inspiron 3580 | 1.22.1 | 01/18/2023 |
| Inspiron 3581 | 1.20.0 | 12/13/2022 |
| Inspiron 3581 | 1.20.0 | 12/13/2022 |
| Inspiron 3582 | 1.17.0 | 12/13/2022 |
| Inspiron 3670 | 2.26.0 | 12/21/2022 |
| Inspiron 3671 | 1.13.0 | 12/19/2022 |
| Inspiron 3780 | 1.22.1 | 01/18/2023 |
| Inspiron 3781 | 1.20.0 | 12/13/2022 |
| Inspiron 3782 | 1.17.0 | 12/13/2022 |
| Inspiron 5570 | 1.12.0 | 12/14/2022 |
| Inspiron 5770 | 1.12.0 | 12/14/2022 |
See 'Additional Information' section for a continuation of the table.
Table continued from the 'Affected Products and Remediation' section.
| Product | BIOS Update Version | BIOS Release Date |
| Latitude 12 Rugged Extreme 7214 | 1.39.0 | 12/09/2022 |
| Latitude 12 Rugged Tablet 7212 | 1.42.0 | 12/09/2022 |
| Latitude 14 Rugged 5414 | 1.39.0 | 12/09/2022 |
| Latitude 3180 | 1.21.0 | 12/20/2022 |
| Latitude 3189 | 1.21.0 | 12/20/2022 |
| Latitude 3190 | 1.24.0 | 12/20/2022 |
| Latitude 3190 2-in-1 | 1.24.0 | 12/20/2022 |
| Latitude 3380 | 1.21.0 | 12/21/2022 |
| Latitude 3390 | 1.23.1 | 12/21/2022 |
| Latitude 3480 | 1.23.0 | 12/21/2022 |
| Latitude 3490 | 1.23.0 | 12/14/2022 |
| Latitude 3580 | 1.23.0 | 12/21/2022 |
| Latitude 3590 | 1.23.0 | 12/14/2022 |
| Latitude 5280 | 1.28.0 | 12/20/2022 |
| Latitude 5288 | 1.28.0 | 12/20/2022 |
| Latitude 5289 | 1.31.0 | 12/20/2022 |
| Latitude 5290 | 1.26.0 | 12/20/2022 |
| Latitude 5480 | 1.28.0 | 12/20/2022 |
| Latitude 5488 | 1.28.0 | 12/20/2022 |
| Latitude 5490 | 1.26.0 | 12/20/2022 |
| Latitude 5491 | 1.25.0 | 12/26/2022 |
| Latitude 5580 | 1.28.0 | 12/20/2022 |
| Latitude 5590 | 1.26.0 | 12/20/2022 |
| Latitude 5591 | 1.25.0 | 12/26/2022 |
| Latitude 7280 | 1.29.0 | 12/20/2022 |
| Latitude 7290 | 1.30.0 | 12/22/2022 |
| Latitude 7370 | 1.32.3 | 12/20/2022 |
| Latitude 7380 | 1.29.0 | 12/20/2022 |
| Latitude 7389 | 1.31.0 | 12/20/2022 |
| Latitude 7390 | 1.30.0 | 12/22/2022 |
| Latitude 7414 Rugged Extreme | 1.39.0 | 12/09/2022 |
| Latitude 7480 | 1.29.0 | 12/20/2022 |
| Latitude 7490 | 1.30.0 | 12/22/2022 |
| Latitude Rugged 5420 | 1.22.0 | 12/09/2022 |
| Latitude Rugged 5424 | 1.22.0 | 12/09/2022 |
| Latitude Rugged 7424 | 1.22.0 | 12/09/2022 |
| OptiPlex 3050 AIO19.5" Display | 1.24.0 | 12/22/2022 |
| OptiPlex 3050MT/SFF/Micro | 1.23.0 | 12/22/2022 |
| OptiPlex 5050MT/SFF/Micro | 1.23.0 | 12/22/2022 |
| OptiPlex 7050MT/SFF/Micro | 1.23.0 | 12/22/2022 |
| OptiPlex 7450 AIO23.8" Display | 1.24.0 | 12/22/2022 |
| OptiPlex 3060 | 1.23.0 | 12/13/2022 |
| OptiPlex 3070 | 1.19.0 | 12/13/2022 |
| OptiPlex 5060 | 1.23.0 | 12/13/2022 |
| OptiPlex 5070 | 1.19.0 | 12/13/2022 |
| OptiPlex 5250 | 1.24.0 | 12/22/2022 |
| OptiPlex 5260 All-in-One | 1.24.0 | 12/13/2022 |
| OptiPlex 5270 All-in-One | 1.19.0 | 12/13/2022 |
| OptiPlex 7060 | 1.23.0 | 12/13/2022 |
| OptiPlex 7070 | 1.19.0 | 12/13/2022 |
| OptiPlex 7070 UFF | 1.16.0 | 12/13/2022 |
| OptiPlex 7071 | 1.17.0 | 12/13/2022 |
| OptiPlex 7460 All-In-One | 1.24.0 | 12/13/2022 |
| OptiPlex 7470 All-in-One | 1.19.0 | 12/13/2022 |
| OptiPlex 7760 AIO | 1.24.0 | 12/13/2022 |
| OptiPlex 7770 All-in-One | 1.19.0 | 12/13/2022 |
| OptiPlex XE3 | 1.23.0 | 12/13/2022 |
| Precision 3420 Tower | 2.24.0 | 12/21/2022 |
| Precision 3520 | 1.28.0 | 12/20/2022 |
| Precision 3530 | 1.25.0 | 12/26/2022 |
| Precision 3620 Tower | 2.24.0 | 12/21/2022 |
| Precision 5520 | 1.31.0 | 12/20/2022 |
| Precision 5530 2-in-1 | 1.22.8 | 12/14/2022 |
| Precision 5720 AIO | 2.17.0 | 12/21/2022 |
| Precision 7510 | 1.30.3 | 12/20/2022 |
| Precision 7520 | 1.28.0 | 12/20/2022 |
| Precision 7530 | 1.26.0 | 12/23/2022 |
| Precision 7540 | 1.24.0 | 01/19/2023 |
| Precision 7710 | 1.30.3 | 12/20/2022 |
| Precision 7720 | 1.28.0 | 12/20/2022 |
| Precision 7730 | 1.26.0 | 12/23/2022 |
| Precision 7740 | 1.24.0 | 01/19/2023 |
| Vostro 3070 | 2.26.0 | 12/21/2022 |
| Vostro 3267 | 1.24.0 | 12/14/2022 |
| Vostro 3268 | 1.24.0 | 12/14/2022 |
| Vostro 3470 | 2.26.0 | 12/21/2022 |
| Vostro 3471 | 1.13.0 | 12/19/2022 |
| Vostro 3480 | 1.22.1 | 01/18/2023 |
| Vostro 3481 | 1.20.0 | 12/13/2022 |
| Vostro 3582 | 1.17.0 | 12/13/2022 |
| Vostro 3583 (1SP) / 3580 (2SP) | 1.22.1 | 01/18/2023 |
| Vostro 3583 (1SP) / 3580 (2SP) | 1.22.1 | 01/18/2023 |
| Vostro 3584 (1SP) / 3581 (2SP) | 1.20.0 | 12/13/2022 |
| Vostro 3584 (1SP) / 3581 (2SP) | 1.20.0 | 12/13/2022 |
| Vostro 3667 | 1.24.0 | 12/14/2022 |
| Vostro 3668 | 1.24.0 | 12/14/2022 |
| Vostro 3669 | 1.24.0 | 12/14/2022 |
| Vostro 3670 | 2.26.0 | 12/21/2022 |
| Vostro 3671 | 1.13.0 | 12/19/2022 |
| Vostro 5090 | 1.17.0 | 12/12/2022 |
| Wyse 5070 | 1.21.0 | 12/13/2022 |
| Wyse 5470 | 1.17.1 | 01/09/2023 |
| Wyse 5470 All-In-One | 1.18.0 | 12/13/2022 |
| Wyse 7040 Thin Client | 1.19.0 | 12/13/2022 |
| XPS 15 9575 2-in-1 | 1.24.0 | 12/14/2022 |
| XPS 8930 | 1.1.28 | 01/18/2023 |
Revision History
| Revision | Date | Description |
| 1.0 | 2023-02-15 | Initial Release |
| 1.1 | 2023-03-24 | Reformatted for improved presentation without any changes to content. |
Acknowledgements
CVE-2022-40262: Dell Technologies would like to thank the BINARLY efiXplorer team for reporting this issue.
Related Information
Legal Disclaimer
Affected Products
Alienware Aurora Ryzen Edition R10, Alienware Aurora R8, Alienware Aurora R9, Alienware M15, Alienware M15 R2, Alienware M17, Alienware M17 R2, Alienware Area-51, Alienware m15, Alienware m17, Dell Edge Gateway 3000 Series, Dell Edge Gateway 5000
, Dell Embedded Box PC 3000, Dell Embedded Box PC 5000, Dell G3 3579, Dell G3 3779, Dell G5 5090, Inspiron 3480, Inspiron 3481, Inspiron 3482, Inspiron 3502, Inspiron 3580, Inspiron 3581, Inspiron 5570, Inspiron 3780, Inspiron 3781, Inspiron 3782, Inspiron 5770, Inspiron 3280 AIO, Inspiron 3470, Inspiron 3471, Inspiron 3670, Inspiron 3671, Latitude 3180, Latitude 3189, Latitude 3190 2-in-1, Latitude 3190, Latitude 5280/5288, Latitude 5289 2-in-1, Latitude 5290, Latitude 7212 Rugged Extreme Tablet, Latitude 7214 Rugged Extreme, Latitude 7280, Latitude 7290, Latitude 7370, Latitude 7389 2-in-1, Latitude 7390, Latitude 3490, Latitude 5414 Rugged, Latitude 5420 Rugged, Latitude 5424 Rugged, Latitude 5480/5488, Latitude 5490, Latitude 5491, Latitude 7424 Rugged Extreme, Latitude 7480, Latitude 7490, Dell Latitude 3580/3588, Latitude 3590, OptiPlex 3050 All-In-One, OptiPlex 3050 Tower, OptiPlex 3070 Tower, OptiPlex 5050 Tower, OptiPlex 5250 All-In-One, OptiPlex 5260 All-In-One, OptiPlex 5270 All-In-One, OptiPlex 7050 Tower, OptiPlex 7060 Tower, OptiPlex 7070 Tower, OptiPlex 7070 Ultra, OptiPlex 7071 Tower, OptiPlex 7460 All-In-One, OptiPlex 7470 All-In-One, OptiPlex 7760 All-In-One, OptiPlex 7770 All-In-One, Optiplex XE3, Precision 3930 XL Rack, Precision 5520, Precision 5530 2 in 1, Precision 7520, Precision 7530, Precision 7540, Precision 7720, Precision 7730, Precision 7740, Precision 3430 Small Form Factor, Precision 3431, Precision 3630 Tower, Precision 5720 AIO, Precision 7820 Tower, Precision 7920 Tower, Precision 7510, Precision 7710, Dell Precision Tower 3420, Dell Precision Tower 3620, Product Security Information, Vostro 3480, Vostro 3481, Vostro 3580, Vostro 3581, Vostro 3582, Vostro 3584, Vostro 3070, Vostro 3267, Vostro 3268, Vostro 3470, Vostro 3471, Vostro 3667, Vostro 3668, Vostro 3669, Vostro 3670, Vostro 3671, Vostro 5090, Latitude 3480 mobile thin client, Wyse 5070 Thin Client, Wyse 5470 All-In-One, Wyse 5470, Wyse 7040 Thin Client, XPS 8930
...
Article Properties
Article Number: 000208382
Article Type: Dell Security Advisory
Last Modified: 24 Mar 2023
Find answers to your questions from other Dell users
Support Services
Check if your device is covered by Support Services.