CVE-2022-22567 MEDIUM

CVE-2022-22567

Vendor Dell
Product CPG BIOS
Weakness CWE-345
Published February 9, 2022
Last update September 16, 2024

CVSS base score

4.7/10
Attack vector Local
Attack complexity High
Privileges required High
User interaction None
Confidentiality None
Integrity High

CVSS vector

CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:H/A:L

What the vulnerability does

01Description

Select Dell Client Commercial and Consumer platforms are vulnerable to an insufficient verification of data authenticity vulnerability. An authenticated malicious user may exploit this vulnerability in order to install modified BIOS firmware.

Key dates

02Disclosure timeline

February 9, 2022 CVE published
September 16, 2024 Record updated

Related vulnerabilities

04Related CVE