CVE-2022-31221

Dell BIOS versions contain an Information Exposure vulnerability. A local authenticated administrator user could potentially exploit this vulnerability in order access sensitive state information on the system.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
2.3 LOW
LOCAL
LOW
HIGH
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N
dellCNA
2.3 LOW
LOCAL
LOW
HIGH
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 10%
VendorProductVersion
dellchengming_3900_firmware
𝑥
< 1.1.66
dellinspiron_14_plus_7420_firmware
𝑥
< 1.2.0
dellinspiron_16_plus_7620_firmware
𝑥
< 1.2.0
dellinspiron_3910_firmware
𝑥
< 1.1.66
dellinspiron_5320_firmware
𝑥
< 1.1.0
dellinspiron_5420_firmware
𝑥
< 1.4.1
dellinspiron_5620_firmware
𝑥
< 1.4.1
dellinspiron_7420_firmware
𝑥
< 1.3.0
dellinspiron_7620_firmware
𝑥
< 1.3.0
delloptiplex_3000_firmware
𝑥
< 1.1.66
delloptiplex_3000_thin_client_firmware
𝑥
< 1.0.7
delloptiplex_5000_firmware
𝑥
< 1.3.62
delloptiplex_5400_firmware
𝑥
< 1.0.13
delloptiplex_7000_firmware
𝑥
< 1.3.62
delloptiplex_7000_oem_firmware
𝑥
< 1.3.62
delloptiplex_7400_firmware
𝑥
< 1.0.13
dellprecision_3460_small_form_factor_firmware
𝑥
< 1.3.62
dellprecision_3660_tower_firmware
𝑥
< 1.3.71
dellprecision_5770_firmware
𝑥
< 1.6.0
dellvostro_3710_firmware
𝑥
< 1.1.66
dellvostro_3910_firmware
𝑥
< 1.1.66
dellvostro_5320_firmware
𝑥
< 1.1.0
dellvostro_5620_firmware
𝑥
< 1.4.1
dellvostro_7620_firmware
𝑥
< 1.2.0
dellxps_17_9720_firmware
𝑥
< 1.6.0
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
https://www.dell.com/support/kbdoc/000202196
https://www.dell.com/support/kbdoc/000202196