CVE-2022-34399
MEDIUMDell Alienware m17 R5 BIOS < 1.2.2 - Authenticated Buffer Overflow via SMRAM Input
Title source: llmDescription
Dell Alienware m17 R5 BIOS version prior to 1.2.2 contain a buffer access vulnerability. A malicious user with admin privileges could potentially exploit this vulnerability by sending input larger than expected in order to leak certain sections of SMRAM.
References (1)
Core 1
Core References
Vendor Advisory vendor-advisory
https://www.dell.com/support/kbdoc/en-us/000205329/dsa-2022-317-dell-client-security-update-for-dell-client-bios
Scores
CVSS v3
5.1
EPSS
0.0005
EPSS Percentile
16.4%
Attack Vector
LOCAL
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:H/A:N
CISA SSVC
Vulnrichment
Exploitation
none
Automatable
no
Technical Impact
partial
Details
CWE
CWE-119
CWE-805
Status
published
Products (15)
dell/alienware_m15_a6_firmware
< 1.4.3
dell/alienware_m15_ryzen_edition_r5_firmware
< 1.8.0
dell/alienware_m17_ryzen_edition_r5_firmware
< 1.4.3
dell/g15_5515_firmware
< 1.8.0
dell/g15_5525_firmware
< 1.4.3
dell/inspiron_3505_firmware
< 1.9.0
dell/inspiron_3515_firmware
< 1.9.0
dell/inspiron_3525_firmware
< 1.5.0
dell/inspiron_3585_firmware
< 1.10.0
dell/inspiron_3595_firmware
< 1.5.0
... and 5 more
Published
Jan 18, 2023
Tracked Since
Feb 18, 2026