DSA-2023-048: Dell Client Platform Security Update for Multiple Insyde UEFI BIOS Vulnerabilities

摘要: Dell Client Platform remediation is available for multiple Insyde UEFI BIOS vulnerabilities that could be exploited by malicious users to compromise the affected system.

本文适用于 本文不适用于 本文并非针对某种特定的产品。 本文并非包含所有产品版本。
查看其他资源

影响

High

详情

Third-Party Component CVE(s) More information
Insyde UEFI BIOS CVE-2022-29276 See NVD (http://nvd.nist.gov/)This hyperlink is taking you to a website outside of Dell Technologies. or the following advisories for individual scores for each CVE.
INSYDE-SA-2022025This hyperlink is taking you to a website outside of Dell Technologies.
INSYDE-SA-2022059This hyperlink is taking you to a website outside of Dell Technologies.
INSYDE-SA-2022061This hyperlink is taking you to a website outside of Dell Technologies.
CVE-2021-38489
CVE-2022-29278

Dell Technologies 建议所有客户考虑 CVSS 基本分数以及任何相关的时间和环境分数,这可能会影响与特定安全漏洞相关的潜在严重程度。

受影响的产品和补救措施

Product BIOS Update Version BIOS Release Date
Alienware m15 R7 AMD 1.7.0 3/13/2023
Alienware m15 Ryzen Edition R5 1.12.1 5/8/2023
Alienware m17 R5 AMD 1.7.0 3/13/2023
Dell G15 5515 1.11.1 5/8/2023
Dell G5 SE 5505 1.15.0 4/12/2023
Dell G15 5525 1.7.0 3/13/2023
Inspiron 14 5435 1.3.0 5/8/2023
Inspiron 14 7425 2-in-1 1.11.0 4/6/2023
Inspiron 14 7435 2-in-1 1.3.0 5/8/2023
Inspiron 15 3535 1.2.0 4/13/2023
Inspiron 16 5635 1.3.0 5/8/2023
Inspiron 16 7635 2-in-1 1.3.0 5/8/2023
Inspiron 24 5415 All-in-One 1.10.0 3/13/2023
Inspiron 3505 1.12.0 4/11/2023
Inspiron 3515 1.12.0 4/11/2023
Inspiron 3525 1.9.0 3/10/2023
Inspiron 3585 1.13.0 5/9/2023
Inspiron 3785 1.13.0 5/9/2023
Inspiron 5405 1.11.0 4/11/2023
Inspiron 5415 1.15.0 3/9/2023
Inspiron 5425 1.7.0 3/10/2023
Inspiron 5485 2.14.0 4/11/2023
Inspiron 5485  2-in-1 2.14.0 4/11/2023
Inspiron 5505 1.11.0 4/11/2023
Inspiron 5515 1.15.0 3/9/2023
Inspiron 5585 2.14.0 4/11/2023
Inspiron 7405 2-in-1 1.12.0 4/11/2023
Inspiron 7415 1.15.0 3/10/2023
Vostro 14 3435 1.2.0 4/13/2023
Vostro 15 3535 1.2.0 4/13/2023
Vostro 3405 1.12.0 4/11/2023
Vostro 3425 1.9.0 3/10/2023
Vostro 3515 1.12.0 4/11/2023
Vostro 3525 1.9.0 3/10/2023
Vostro 5415 1.15.0 3/9/2023
Vostro 5515 1.15.0 3/9/2023
Vostro 5625 1.7.0 3/10/2023
Vostro 5635 1.3.0 5/8/2023
Product BIOS Update Version BIOS Release Date
Alienware m15 R7 AMD 1.7.0 3/13/2023
Alienware m15 Ryzen Edition R5 1.12.1 5/8/2023
Alienware m17 R5 AMD 1.7.0 3/13/2023
Dell G15 5515 1.11.1 5/8/2023
Dell G5 SE 5505 1.15.0 4/12/2023
Dell G15 5525 1.7.0 3/13/2023
Inspiron 14 5435 1.3.0 5/8/2023
Inspiron 14 7425 2-in-1 1.11.0 4/6/2023
Inspiron 14 7435 2-in-1 1.3.0 5/8/2023
Inspiron 15 3535 1.2.0 4/13/2023
Inspiron 16 5635 1.3.0 5/8/2023
Inspiron 16 7635 2-in-1 1.3.0 5/8/2023
Inspiron 24 5415 All-in-One 1.10.0 3/13/2023
Inspiron 3505 1.12.0 4/11/2023
Inspiron 3515 1.12.0 4/11/2023
Inspiron 3525 1.9.0 3/10/2023
Inspiron 3585 1.13.0 5/9/2023
Inspiron 3785 1.13.0 5/9/2023
Inspiron 5405 1.11.0 4/11/2023
Inspiron 5415 1.15.0 3/9/2023
Inspiron 5425 1.7.0 3/10/2023
Inspiron 5485 2.14.0 4/11/2023
Inspiron 5485  2-in-1 2.14.0 4/11/2023
Inspiron 5505 1.11.0 4/11/2023
Inspiron 5515 1.15.0 3/9/2023
Inspiron 5585 2.14.0 4/11/2023
Inspiron 7405 2-in-1 1.12.0 4/11/2023
Inspiron 7415 1.15.0 3/10/2023
Vostro 14 3435 1.2.0 4/13/2023
Vostro 15 3535 1.2.0 4/13/2023
Vostro 3405 1.12.0 4/11/2023
Vostro 3425 1.9.0 3/10/2023
Vostro 3515 1.12.0 4/11/2023
Vostro 3525 1.9.0 3/10/2023
Vostro 5415 1.15.0 3/9/2023
Vostro 5515 1.15.0 3/9/2023
Vostro 5625 1.7.0 3/10/2023
Vostro 5635 1.3.0 5/8/2023

解决方法和缓解措施

None

修订历史记录

RevisionDateDescription
1.02023-04-11Initial Release
1.12023-05-09Final Platform Release Update and CVE Identifier updated

相关信息

Dell Security Advisories and Notices
Dell Vulnerability Response Policy
CVSS Scoring Guide

法律免责声明

受影响的产品

Alienware M15, Alienware m17 R5 AMD, Vostro, Alienware m15, Dell G15 5525, Inspiron 5415, Product Security Information
文章属性
文章编号: 000212207
文章类型: Dell Security Advisory
上次修改时间: 09 5月 2023
从其他戴尔用户那里查找问题的答案
支持服务
检查您的设备是否在支持服务涵盖的范围内。