CVE-2022-34377 LOW

CVE-2022-34377

Vendor Dell
Product PowerEdge Platform
Weakness CWE-119
Published February 10, 2023
Last update March 26, 2025

CVSS base score

1.9/10
Attack vector Local
Attack complexity High
Privileges required High
User interaction None
Confidentiality None
Integrity None

CVSS vector

CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:L

What the vulnerability does

01Description

Dell PowerEdge BIOS and Dell Precision BIOS contain an Improper SMM communication buffer verification vulnerability. A local malicious user with high Privileges may potentially exploit this vulnerability to perform arbitrary code execution or cause denial of service.

Key dates

02Disclosure timeline

February 10, 2023 CVE published
March 26, 2025 Record updated