CVE-2022-24420 :: Enginsight Vulnerability Database

Provider	Type	Base Score	Atk. Vector	Atk. Complexity	Priv. Required	Vector
NIST	Primary	8.2 HIGH	LOCAL	LOW	HIGH	CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
dell	CNA	8.2 HIGH	LOCAL	LOW	HIGH	CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H

Base Score

CVSS 3.x

EPSS Score

Percentile: 12%

Affected Products (NVD)

Vendor	Product	Version
dell	alienware_13_r3_firmware	𝑥 < 1.16.1
dell	alienware_15_r3_firmware	𝑥 < 1.16.1
dell	alienware_15_r4_firmware	𝑥 < 1.17.0
dell	alienware_17_r4_firmware	𝑥 < 1.16.1
dell	alienware_17_r5_firmware	𝑥 < 1.17.0
dell	alienware_area_51m_r1_firmware	𝑥 < 1.18.0
dell	alienware_area_51m_r2_firmware	𝑥 < 1.13.0
dell	alienware_aurora_r8_firmware	𝑥 < 1.0.20
dell	alienware_m15_r2_firmware	𝑥 < 1.12.0
dell	alienware_m15_r3_firmware	𝑥 < 1.14.0
dell	alienware_m15_r4_firmware	𝑥 < 1.8.0
dell	alienware_m17_r2_firmware	𝑥 < 1.12.0
dell	alienware_m17_r3_firmware	𝑥 < 1.14.0
dell	alienware_m17_r4_firmware	𝑥 < 1.8.0
dell	alienware_x15_r1_firmware	𝑥 < 1.7.0
dell	alienware_x17_r1_firmware	𝑥 < 1.7.0
dell	edge_gateway_3000_firmware	𝑥 < 1.7.0
dell	edge_gateway_5000_firmware	𝑥 < 1.17.0
dell	edge_gateway_5100_firmware	𝑥 < 1.17.0
dell	embedded_box_pc_3000_firmware	𝑥 < 1.13.0
dell	embedded_box_pc_5000_firmware	𝑥 < 1.14.0
dell	inspiron_14_3473_firmware	𝑥 < 1.14.0
dell	inspiron_15_3573_firmware	𝑥 < 1.14.0
dell	inspiron_15_5566_firmware	𝑥 < 1.18.0
dell	inspiron_3277_firmware	𝑥 < 1.19.0
dell	inspiron_3465_firmware	𝑥 < 1.12.0
dell	inspiron_3477_firmware	𝑥 < 1.19.0
dell	inspiron_3482_firmware	𝑥 < 1.13.0
dell	inspiron_3502_firmware	𝑥 < 1.7.0
dell	inspiron_3510_firmware	𝑥 < 1.6.0
dell	inspiron_3565_firmware	𝑥 < 1.12.0
dell	inspiron_3582_firmware	𝑥 < 1.13.0
dell	inspiron_3782_firmware	𝑥 < 1.13.0
dell	latitude_3379_firmware	𝑥 < 1.0.34
dell	vostro_14_5468_firmware	𝑥 < 1.19.0
dell	vostro_15_5568_firmware	𝑥 < 1.19.0
dell	vostro_3267_firmware	𝑥 < 1.20.0
dell	vostro_3268_firmware	𝑥 < 1.20.0
dell	vostro_3572_firmware	𝑥 < 1.14.0
dell	vostro_3582_firmware	𝑥 < 1.13.0
dell	vostro_3660_firmware	𝑥 < 1.20.0
dell	vostro_3667_firmware	𝑥 < 1.20.0
dell	vostro_3668_firmware	𝑥 < 1.20.0
dell	vostro_3669_firmware	𝑥 < 1.20.0
dell	wyse_7040_thin_client_firmware	𝑥 < 1.15.0
dell	xps_8930_firmware	𝑥 < 1.1.21

𝑥

= Vulnerable software versions

Common Weakness Enumeration

CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer
The software performs operations on a memory buffer, but it can read from or write to a memory location that is outside of the intended boundary of the buffer.

References

https://www.dell.com/support/kbdoc/en-us/000197057/dsa-2022-053