Artikelnummer: 000205716
High
| Proprietary Code CVEs | Description | CVSS Base Score | CVSS Vector String |
| CVE-2022-34403 | Dell BIOS contains a Stack based buffer overflow vulnerability. A local authenticated attacker may potentially exploit this vulnerability by using an SMI to send larger than expected input to a parameter to gain arbitrary code execution in SMRAM. |
7.5 |
CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H |
| CVE-2022-34400 | Dell BIOS contains a heap buffer overflow vulnerability. A local attacker with admin privileges may potentially exploit this vulnerability to perform an arbitrary write to SMRAM during SMM. |
7.1 | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H |
| Proprietary Code CVEs | Description | CVSS Base Score | CVSS Vector String |
| CVE-2022-34403 | Dell BIOS contains a Stack based buffer overflow vulnerability. A local authenticated attacker may potentially exploit this vulnerability by using an SMI to send larger than expected input to a parameter to gain arbitrary code execution in SMRAM. |
7.5 |
CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H |
| CVE-2022-34400 | Dell BIOS contains a heap buffer overflow vulnerability. A local attacker with admin privileges may potentially exploit this vulnerability to perform an arbitrary write to SMRAM during SMM. |
7.1 | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H |
| Product | BIOS Update Version | BIOS Release Date |
| Alienware m15 R6 | 1.17.0 | 10-19-2022 |
| Alienware m15 R7 | 1.4.3 | 09-29-2022 |
| Alienware m15 Ryzen Edition R5 | 1.8.0 | 10-26-2022 |
| Alienware m17 R5 AMD | 1.4.3 | 09-29-2022 |
| Dell G15 5510 | 1.16.0 | 10-11-2022 |
| Dell G15 5511 | 1.18.0 | 10-11-2022 |
| Dell G15 5515 | 1.8.0 | 10-26-2022 |
| Dell G15 5525 | 1.4.3 | 09-29-2022 |
| Dell G5 SE 5505 | 1.13.0 | 11-08-2022 |
| Inspiron 14 5410 2-in-1 | 2.15.2 | 11-15-2022 |
| Inspiron 15 3511 | 1.18.2 | 11-21-2022 |
| Inspiron 3195 2-in-1 | 1.6.0 | 10-26-2022 |
| Inspiron 3275 | 1.9.2 | 10-05-2022 |
| Inspiron 3475 | 1.9.2 | 10-05-2022 |
| Inspiron 3505 | 1.9.0 | 10-11-2022 |
| Inspiron 3515 | 1.9.0 | 10-11-2022 |
| Inspiron 3525 | 1.5.0 | 10-13-2022 |
| Inspiron 3585 | 1.10.0 | 10-26-2022 |
| Inspiron 3595 | 1.5.0 | 10-26-2022 |
| Inspiron 3785 | 1.10.0 | 10-26-2022 |
| Inspiron 3891 | 1.12.0 | 10-17-2022 |
| Inspiron 5310 | 2.15.0 | 10-11-2022 |
| Inspiron 5405 | 1.9.0 | 11-08-2022 |
| Inspiron 5410 | 2.14.0 | 10-07-2022 |
| Inspiron 5415 | 1.13.0 | 11-08-2022 |
| Inspiron 5425 | 1.5.0 | 10-11-2022 |
| Inspiron 5485 | 2.11.0 | 10-26-2022 |
| Inspiron 5485 2-in-1 | 2.11.0 | 10-26-2022 |
| Inspiron 5505 | 1.9.0 | 11-08-2022 |
| Inspiron 5510 | 2.15.2 | 11-15-2022 |
| Inspiron 5515 | 1.13.0 | 11-08-2022 |
| Inspiron 5585 | 2.11.0 | 10-26-2022 |
| Inspiron 7405 2-in-1 | 1.10.1 | 12-01-2022 |
| Inspiron 7415 | 1.13.0 | 11-09-2022 |
| Inspiron 7425 | 1.5.0 | 10-11-2022 |
| Inspiron 7510 | 1.12.0 | 10-12-2022 |
| Inspiron 7610 | 1.12.0 | 10-12-2022 |
| Latitude 3320 | 1.18.2 | 11-15-2022 |
| Latitude 3420 | 1.23.2 | 11-07-2022 |
| Latitude 3520 | 1.23.2 | 11-07-2022 |
| Latitude 5320 | 1.24.3 | 11-16-2022 |
| Latitude 5420 | 1.22.0 | 10-17-2022 |
| Latitude 5520 | 1.24.3 | 11-16-2022 |
| Latitude 5521 | 1.17.3 | 11-16-2022 |
| Latitude 7320 | 1.20.0 | 10-17-2022 |
| Latitude 7320 Detachable | 1.17.2 | 11-22-2022 |
| Latitude 7420 | 1.20.0 | 10-17-2022 |
| Latitude 7520 | 1.20.0 | 10-17-2022 |
| Latitude 9420 | 1.16.2 | 11-22-2022 |
| Latitude 9520 | 1.17.0 | 10-17-2022 |
| Latitude Rugged 5430 | 1.12.0 | 10-11-2022 |
| Latitude Rugged 7330 | 1.12.0 | 10-11-2022 |
| Latitude 5421 | 1.15.0 | 10-17-2022 |
| OptiPlex 3090 Ultra | 1.15.0 | 10-12-2022 |
| OptiPlex 5090 | 1.12.0 | 10-17-2022 |
| OptiPlex 5490 All-In-One | 1.15.0 | 10-11-2022 |
| OptiPlex 7090 Tower | 1.12.0 | 10-11-2022 |
| OptiPlex 7090 Ultra | 1.15.0 | 10-12-2022 |
| OptiPlex 7490 AIO | 1.15.0 | 10-11-2022 |
| Precision 3450 | 1.12.0 | 10-11-2022 |
| Precision 3560 | 1.24.3 | 11-16-2022 |
| Precision 3561 | 1.17.3 | 11-16-2022 |
| Precision 3650 Tower | 1.16.0 | 10-11-2022 |
| Precision 5560 | 1.15.2 | 11-21-2022 |
| Precision 5760 | 1.15.2 | 11-16-2022 |
| Precision 7560 | 1.16.0 | 10-14-2022 |
| Precision 7760 | 1.16.0 | 10-14-2022 |
| Vostro 3405 | 1.9.0 | 10-11-2022 |
| Vostro 3425 | 1.5.0 | 10-13-2022 |
| Vostro 3510 | 1.18.2 | 11-21-2022 |
| Vostro 3515 | 1.9.0 | 10-11-2022 |
| Vostro 3525 | 1.5.0 | 10-13-2022 |
| Vostro 3690 | 1.12.0 | 10-17-2022 |
| Vostro 3890 | 1.12.0 | 10-17-2022 |
| Vostro 5310 | 2.15.0 | 10-11-2022 |
| Vostro 5410 | 2.15.2 | 11-15-2022 |
| Vostro 5415 | 1.13.0 | 11-08-2022 |
| Vostro 5510 | 2.15.2 | 11-15-2022 |
| Vostro 5515 | 1.13.0 | 11-08-2022 |
| Vostro 5625 | 1.5.0 | 10-11-2022 |
| Vostro 5890 | 1.12.0 | 10-11-2022 |
| Vostro 7510 | 1.12.0 | 10-12-2022 |
| XPS 15 9510 | 1.15.2 | 11-21-2022 |
| XPS 17 9710 | 1.15.2 | 11-14-2022 |
| Product | BIOS Update Version | BIOS Release Date |
| Alienware m15 R6 | 1.17.0 | 10-19-2022 |
| Alienware m15 R7 | 1.4.3 | 09-29-2022 |
| Alienware m15 Ryzen Edition R5 | 1.8.0 | 10-26-2022 |
| Alienware m17 R5 AMD | 1.4.3 | 09-29-2022 |
| Dell G15 5510 | 1.16.0 | 10-11-2022 |
| Dell G15 5511 | 1.18.0 | 10-11-2022 |
| Dell G15 5515 | 1.8.0 | 10-26-2022 |
| Dell G15 5525 | 1.4.3 | 09-29-2022 |
| Dell G5 SE 5505 | 1.13.0 | 11-08-2022 |
| Inspiron 14 5410 2-in-1 | 2.15.2 | 11-15-2022 |
| Inspiron 15 3511 | 1.18.2 | 11-21-2022 |
| Inspiron 3195 2-in-1 | 1.6.0 | 10-26-2022 |
| Inspiron 3275 | 1.9.2 | 10-05-2022 |
| Inspiron 3475 | 1.9.2 | 10-05-2022 |
| Inspiron 3505 | 1.9.0 | 10-11-2022 |
| Inspiron 3515 | 1.9.0 | 10-11-2022 |
| Inspiron 3525 | 1.5.0 | 10-13-2022 |
| Inspiron 3585 | 1.10.0 | 10-26-2022 |
| Inspiron 3595 | 1.5.0 | 10-26-2022 |
| Inspiron 3785 | 1.10.0 | 10-26-2022 |
| Inspiron 3891 | 1.12.0 | 10-17-2022 |
| Inspiron 5310 | 2.15.0 | 10-11-2022 |
| Inspiron 5405 | 1.9.0 | 11-08-2022 |
| Inspiron 5410 | 2.14.0 | 10-07-2022 |
| Inspiron 5415 | 1.13.0 | 11-08-2022 |
| Inspiron 5425 | 1.5.0 | 10-11-2022 |
| Inspiron 5485 | 2.11.0 | 10-26-2022 |
| Inspiron 5485 2-in-1 | 2.11.0 | 10-26-2022 |
| Inspiron 5505 | 1.9.0 | 11-08-2022 |
| Inspiron 5510 | 2.15.2 | 11-15-2022 |
| Inspiron 5515 | 1.13.0 | 11-08-2022 |
| Inspiron 5585 | 2.11.0 | 10-26-2022 |
| Inspiron 7405 2-in-1 | 1.10.1 | 12-01-2022 |
| Inspiron 7415 | 1.13.0 | 11-09-2022 |
| Inspiron 7425 | 1.5.0 | 10-11-2022 |
| Inspiron 7510 | 1.12.0 | 10-12-2022 |
| Inspiron 7610 | 1.12.0 | 10-12-2022 |
| Latitude 3320 | 1.18.2 | 11-15-2022 |
| Latitude 3420 | 1.23.2 | 11-07-2022 |
| Latitude 3520 | 1.23.2 | 11-07-2022 |
| Latitude 5320 | 1.24.3 | 11-16-2022 |
| Latitude 5420 | 1.22.0 | 10-17-2022 |
| Latitude 5520 | 1.24.3 | 11-16-2022 |
| Latitude 5521 | 1.17.3 | 11-16-2022 |
| Latitude 7320 | 1.20.0 | 10-17-2022 |
| Latitude 7320 Detachable | 1.17.2 | 11-22-2022 |
| Latitude 7420 | 1.20.0 | 10-17-2022 |
| Latitude 7520 | 1.20.0 | 10-17-2022 |
| Latitude 9420 | 1.16.2 | 11-22-2022 |
| Latitude 9520 | 1.17.0 | 10-17-2022 |
| Latitude Rugged 5430 | 1.12.0 | 10-11-2022 |
| Latitude Rugged 7330 | 1.12.0 | 10-11-2022 |
| Latitude 5421 | 1.15.0 | 10-17-2022 |
| OptiPlex 3090 Ultra | 1.15.0 | 10-12-2022 |
| OptiPlex 5090 | 1.12.0 | 10-17-2022 |
| OptiPlex 5490 All-In-One | 1.15.0 | 10-11-2022 |
| OptiPlex 7090 Tower | 1.12.0 | 10-11-2022 |
| OptiPlex 7090 Ultra | 1.15.0 | 10-12-2022 |
| OptiPlex 7490 AIO | 1.15.0 | 10-11-2022 |
| Precision 3450 | 1.12.0 | 10-11-2022 |
| Precision 3560 | 1.24.3 | 11-16-2022 |
| Precision 3561 | 1.17.3 | 11-16-2022 |
| Precision 3650 Tower | 1.16.0 | 10-11-2022 |
| Precision 5560 | 1.15.2 | 11-21-2022 |
| Precision 5760 | 1.15.2 | 11-16-2022 |
| Precision 7560 | 1.16.0 | 10-14-2022 |
| Precision 7760 | 1.16.0 | 10-14-2022 |
| Vostro 3405 | 1.9.0 | 10-11-2022 |
| Vostro 3425 | 1.5.0 | 10-13-2022 |
| Vostro 3510 | 1.18.2 | 11-21-2022 |
| Vostro 3515 | 1.9.0 | 10-11-2022 |
| Vostro 3525 | 1.5.0 | 10-13-2022 |
| Vostro 3690 | 1.12.0 | 10-17-2022 |
| Vostro 3890 | 1.12.0 | 10-17-2022 |
| Vostro 5310 | 2.15.0 | 10-11-2022 |
| Vostro 5410 | 2.15.2 | 11-15-2022 |
| Vostro 5415 | 1.13.0 | 11-08-2022 |
| Vostro 5510 | 2.15.2 | 11-15-2022 |
| Vostro 5515 | 1.13.0 | 11-08-2022 |
| Vostro 5625 | 1.5.0 | 10-11-2022 |
| Vostro 5890 | 1.12.0 | 10-11-2022 |
| Vostro 7510 | 1.12.0 | 10-12-2022 |
| XPS 15 9510 | 1.15.2 | 11-21-2022 |
| XPS 17 9710 | 1.15.2 | 11-14-2022 |
CVE-2022-34400, CVE-2022-34403: Dell Technologies would like to thank Cederic Laumen (@ling_sec) for reporting this issue.
| Revision | Date | Description |
| 1.0 | 2022-12-15 | Initial Release |
Dell Security Advisories and Notices
Dell Vulnerability Response Policy
CVSS Scoring Guide
16 dec 2022
1
Dell Security Advisory