CVE-2022-34399
EUVD-2022-3735418.01.2023, 12:15
Dell Alienware m17 R5 BIOS version prior to 1.2.2 contain a buffer access vulnerability. A malicious user with admin privileges could potentially exploit this vulnerability by sending input larger than expected in order to leak certain sections of SMRAM.Enginsight
Affected Products (NVD)
| Vendor | Product | Version |
|---|---|---|
| dell | alienware_m15_a6_firmware | 𝑥 < 1.4.3 |
| dell | alienware_m15_ryzen_edition_r5_firmware | 𝑥 < 1.8.0 |
| dell | alienware_m17_ryzen_edition_r5_firmware | 𝑥 < 1.4.3 |
| dell | g15_5515_firmware | 𝑥 < 1.8.0 |
| dell | g15_5525_firmware | 𝑥 < 1.4.3 |
| dell | inspiron_3505_firmware | 𝑥 < 1.9.0 |
| dell | inspiron_3515_firmware | 𝑥 < 1.9.0 |
| dell | inspiron_3525_firmware | 𝑥 < 1.5.0 |
| dell | inspiron_3585_firmware | 𝑥 < 1.10.0 |
| dell | inspiron_3595_firmware | 𝑥 < 1.5.0 |
| dell | inspiron_3785_firmware | 𝑥 < 1.10.0 |
| dell | vostro_3405_firmware | 𝑥 < 1.9.0 |
| dell | vostro_3425_firmware | 𝑥 < 1.5.0 |
| dell | vostro_3515_firmware | 𝑥 < 1.9.0 |
| dell | vostro_3525_firmware | 𝑥 < 1.5.0 |
𝑥
= Vulnerable software versions
Common Weakness Enumeration
- CWE-805 - Buffer Access with Incorrect Length ValueThe software uses a sequential operation to read or write a buffer, but it uses an incorrect length value that causes it to access memory that is outside of the bounds of the buffer.
- CWE-119 - Improper Restriction of Operations within the Bounds of a Memory BufferThe software performs operations on a memory buffer, but it can read from or write to a memory location that is outside of the intended boundary of the buffer.