CVE-2022-34399 MEDIUM

CVE-2022-34399

Vendor Dell
Product CPG BIOS
Weakness CWE-805
Published January 18, 2023
Last update April 3, 2025

CVSS base score

5.1/10
Attack vector Local
Attack complexity Low
Privileges required High
User interaction None
Confidentiality Low
Integrity High

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:H/A:N

What the vulnerability does

01Description

Dell Alienware m17 R5 BIOS version prior to 1.2.2 contain a buffer access vulnerability. A malicious user with admin privileges could potentially exploit this vulnerability by sending input larger than expected in order to leak certain sections of SMRAM.

Key dates

02Disclosure timeline

January 18, 2023 CVE published
April 3, 2025 Record updated