CVE-2022-34409 HIGH

CVE-2022-34409

Vendor Dell

Product PowerEdge Platform

Weakness CWE-119

Published March 16, 2023

Last update February 26, 2025

View on NVD All CVEs

CVSS base score

7.5/10

Attack vector Local

Attack complexity High

Privileges required High

User interaction None

Confidentiality High

Integrity High

CVSS vector

CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H

What the vulnerability does

01Description

Dell PowerEdge BIOS and Dell Precision BIOS contain an Improper SMM communication buffer verification vulnerability. A local malicious user with high Privileges may potentially exploit this vulnerability to perform arbitrary code execution or cause denial of service.

Key dates

02Disclosure timeline

March 16, 2023 CVE published

February 26, 2025 Record updated

External resources

03References

NVD — National Vulnerability Database https://nvd.nist.gov/vuln/detail/CVE-2022-34409 CWE — Common Weakness Enumeration https://cwe.mitre.org/data/definitions/119.html

Related vulnerabilities

CVE-2022-34409

01Description

02Disclosure timeline

03References

04Related CVE