CVE-2022-34383 HIGH

CVE-2022-34383

Vendor Dell
Product Edge Gateway 5200
Weakness CWE-77
Published August 31, 2022
Last update September 16, 2024

CVSS base score

8.1/10
Attack vector Local
Attack complexity Low
Privileges required High
User interaction None
Confidentiality High
Integrity High

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:L

What the vulnerability does

01Description

Dell Edge Gateway 5200 (EGW) versions before 1.03.10 contain an operating system command injection vulnerability. A local malicious user may potentially exploit this vulnerability by using an SMI to bypass PMC mitigation and gain arbitrary code execution during SMM.

Key dates

02Disclosure timeline

August 31, 2022 CVE published
September 16, 2024 Record updated