CVE-2022-24410
MEDIUMDell Alienware BIOS < 1.15.1 - Unauthenticated Sensitive Information Exposure via Debug Interfaces
Title source: llmDescription
Dell BIOS contains an information exposure vulnerability. An unauthenticated local attacker with physical access to the system and knowledge of the system configuration could potentially exploit this vulnerability to read system information via debug interfaces.
References (1)
Core 1
Core References
Vendor Advisory vendor-advisory
https://www.dell.com/support/kbdoc/en-us/000205719/dsa-2022-325
Scores
CVSS v3
6.8
EPSS
0.0006
EPSS Percentile
19.7%
Attack Vector
PHYSICAL
CVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:C/C:N/I:H/A:H
CISA SSVC
Vulnrichment
Exploitation
none
Automatable
no
Technical Impact
partial
Details
CWE
CWE-200
CWE-312
Status
published
Products (50)
dell/alienware_13_r2_firmware
< 1.13.1
dell/alienware_13_r3_firmware
< 1.12.2
dell/alienware_15_r2_firmware
< 1.13.1
dell/alienware_15_r3_firmware
< 1.12.2
dell/alienware_15_r4_firmware
< 1.13.2
dell/alienware_17_r3_firmware
< 1.13.1
dell/alienware_17_r4_firmware
< 1.12.2
dell/alienware_17_r5_firmware
< 1.13.2
dell/alienware_area_51m_r1_firmware
< 1.15.1
dell/alienware_area_51m_r2_firmware
< 1.8.0
... and 40 more
Published
Feb 10, 2023
Tracked Since
Feb 18, 2026