CVE-2022-34376

Dell PowerEdge BIOS and Dell Precision BIOS contain an improper input validation vulnerability. A local authenticated malicious user may potentially exploit this vulnerability by manipulating an SMI to cause a denial of service during SMM.

Published: Feb 10, 2023
Updated: Nov 16, 2025
CVE: CVE-2022-34376
Severity: Low
Exploit:

CVSS v3:

Severity: Low
Score: 3.9
AV:L/AC:H/PR:H/UI:N/S:C/C:N/I:L/A:L

CWEs:

Affected Software
References

Software	From	Fixed in
dell / r6515_firmware	-	2.9.3
dell / r7515_firmware	-	2.9.3
dell / r6525_firmware	-	2.9.3
dell / r7525_firmware	-	2.9.3
dell / xe8545_firmware	-	2.9.4
dell / c6525_firmware	-	-
dell / r6415_firmware	-	1.19.0
dell / r7415_firmware	-	1.19.0
dell / r7425_firmware	-	1.19.0
dell / r750_firmware	-	1.8.2
dell / r750xa_firmware	-	1.8.2
dell / r650_firmware	-	1.8.2
dell / c6520_firmware	-	1.8.2
dell / mx750c_firmware	-	1.8.2
dell / r450_firmware	-	1.8.2
dell / r550_firmware	-	1.8.2
dell / r650xs_firmware	-	1.8.2
dell / r750xs_firmware	-	1.8.2
dell / t550_firmware	-	1.8.2
dell / xr11_firmware	-	1.8.2
dell / xr12_firmware	-	1.8.2
dell / r250_firmware	-	1.4.2
dell / r350_firmware	-	1.4.2
dell / t150_firmware	-	1.4.2
dell / t350_firmware	-	1.4.2
dell / r740_firmware	-	2.16.1
dell / r740xd_firmware	-	2.16.1
dell / r640_firmware	-	2.16.1
dell / r940_firmware	-	2.16.1
dell / r540_firmware	-	2.16.1
dell / r440_firmware	-	2.16.1
dell / t440_firmware	-	2.16.1
dell / xr2_firmware	-	2.16.1
dell / r740xd2_firmware	-	2.16.1
dell / r840_firmware	-	2.16.1
dell / r940xa_firmware	-	2.16.1
dell / t640_firmware	-	2.16.1
dell / c6420_firmware	-	2.16.1
dell / fc640_firmware	-	2.16.1
dell / m640_firmware	-	2.16.1
dell / m640p_firmware	-	2.16.1
dell / mx740c_firmware	-	2.16.1
dell / mx840c_firmware	-	2.16.1
dell / c4140_firmware	-	2.16.1
dell / dss8440_firmware	-	2.16.1
dell / t140_firmware	-	2.11.1
dell / t340_firmware	-	2.11.1
dell / r240_firmware	-	2.11.1
dell / r340_firmware	-	2.11.1
dell / xe2420_firmware	-	2.16.0
dell / xe7420_firmware	-	2.16.1
dell / xe7440_firmware	-	2.16.1
dell / r730_firmware	-	2.16.0
dell / r730xd_firmware	-	2.16.0
dell / r630_firmware	-	2.16.0
dell / c4130_firmware	-	2.16.0
dell / r930_firmware	-	2.16.0
dell / m630_firmware	-	2.16.0
dell / m630p_firmware	-	2.16.0
dell / fc630_firmware	-	2.16.0
dell / fc430_firmware	-	2.16.0
dell / m830_firmware	-	2.16.0
dell / m830p_firmware	-	2.16.0
dell / fc830_firmware	-	2.16.0
dell / t630_firmware	-	2.16.0
dell / r530_firmware	-	2.16.0
dell / r430_firmware	-	2.16.0
dell / t430_firmware	-	2.16.0
dell / r830_firmware	-	1.16.0
dell / c6320_firmware	-	2.16.0
dell / t130_firmware	-	2.16.0
dell / r230_firmware	-	2.16.0
dell / t330_firmware	-	2.16.0
dell / r330_firmware	-	2.16.0
dell / nx430_firmware	-	2.16.0
dell / nx3230_firmware	-	2.16.0
dell / nx3330_firmware	-	2.16.0
dell / nx440_firmware	-	2.11.1
dell / nx3240_firmware	-	2.16.1
dell / nx3340_firmware	-	2.16.1

https://www.dell.com/support/kbdoc/en-us/000206296/dsa-2022-204-dell-poweredge-improper-smm-communication-buffer-verification-vulnerability

Vulnerability Database

314,343

CVE-2022-34376

Deep Security Visibility Without the Complexity