CVE-2022-26863

Prior Dell BIOS versions contain an Input Validation vulnerability. A locally authenticated malicious user could potentially exploit this vulnerability by sending malicious input to an SMI in order to bypass security controls in SMM.

Published: Jun 23, 2022
Updated: Nov 16, 2025
CVE: CVE-2022-26863
Severity: Medium
Exploit:

CVSS v3:

Severity: Medium
Score: 6.3
AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:L

CVSS v2:

Severity: High
Score: 7.2
AV:L/AC:L/Au:N/C:C/I:C/A:C

CWEs:

CWE-20

Affected Software
References

Software	From	Fixed in
dell / alienware_m15_r5_firmware	-	1.5.0
dell / g15_5515_firmware	-	1.6.0
dell / g5_se_5505_firmware	-	1.11.0
dell / inspiron_27_7775_firmware	-	2.16.1
dell / inspiron_14_5425_firmware	-	1.2.1
dell / inspiron_3275_firmware	-	1.9.0
dell / inspiron_3475_firmware	-	1.9.0
dell / inspiron_3180_firmware	-	1.4.4
dell / inspiron_3185_firmware	-	1.4.4
dell / inspiron_3195_firmware	-	1.4.1
dell / inspiron_3505_firmware	-	1.6.0
dell / inspiron_3515_firmware	-	1.5.0
dell / inspiron_3525_firmware	-	1.3.0
dell / inspiron_3585_firmware	-	1.7.0
dell / inspiron_3595_firmware	-	1.3.0
dell / inspiron_3785_firmware	-	1.7.0
dell / inspiron_5405_firmware	-	1.7.0
dell / inspiron_5415_firmware	-	1.9.0
dell / inspiron_5415_all-in-one_firmware	-	1.5.0
dell / inspiron_5485_firmware	-	2.8.0
dell / inspiron_5505_firmware	-	1.7.0
dell / inspiron_5515_firmware	-	1.9.0
dell / inspiron_5575_firmware	-	1.6.0
dell / inspiron_5585_firmware	-	2.8.0
dell / inspiron_7375_firmware	-	1.7.0
dell / inspiron_7405_firmware	-	1.8.0
dell / inspiron_7415_firmware	-	1.9.0
dell / inspiron_7425_firmware	-	1.2.1
dell / vostro_3405_firmware	-	1.6.0
dell / vostro_3515_firmware	-	1.5.0
dell / vostro_3525_firmware	-	1.3.0
dell / vostro_5415_firmware	-	1.9.0
dell / vostro_5515_firmware	-	1.9.0
dell / vostro_5625_firmware	-	1.2.1

https://www.dell.com/support/kbdoc/en-us/000200568/dsa-2022-096

Vulnerability Database

309,136

CVE-2022-26863

Deep Security Visibility Without the Complexity