CVE-2022-22558

Dell PowerEdge Server BIOS and Dell Precision Workstation 7910 and 7920 Rack BIOS contain an Improper SMM communication buffer verification vulnerability. A Local High Privileged attacker could potentially exploit this vulnerability leading to arbitrary writes or denial of service.

Published: Apr 21, 2022
Updated: Apr 14, 2023
CVE: CVE-2022-22558
Severity: Medium
Exploit:

CVSS v3:

Severity: Medium
Score: 6
AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:H

CVSS v2:

Severity: Low
Score: 3.6
AV:L/AC:L/Au:N/C:N/I:P/A:P

CWEs:

CWE-119

Affected Software
References

Software	From	Fixed in
dell / r6415_firmware	-	1.18.0
dell / r7415_firmware	-	1.18.0
dell / r7425_firmware	-	1.18.0
dell / r730_firmware	-	2.14.0
dell / r730xd_firmware	-	2.14.0
dell / r630_firmware	-	2.14.0
dell / c4130_firmware	-	2.14.0
dell / m630_firmware	-	2.14.0
dell / m630p_firmware	-	2.14.0
dell / fc630_firmware	-	2.14.0
dell / fc430_firmware	-	2.14.0
dell / m830_firmware	-	2.14.0
dell / m830p_firmware	-	2.14.0
dell / fc830_firmware	-	2.14.0
dell / t630_firmware	-	2.14.0
dell / r530_firmware	-	2.14.0
dell / r430_firmware	-	2.14.0
dell / t430_firmware	-	2.14.0
dell / r830_firmware	-	1.14.0
dell / c6320_firmware	-	2.14.1

https://www.dell.com/support/kbdoc/000197971

Vulnerability Database

290,206

CVE-2022-22558