Security
Headlines
HeadlinesLatestCVEs

Headline

CVE-2022-32482: DSA-2022-326: Dell Client Security Update for a Dell Client BIOS Vulnerability

Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user with admin privileges may potentially exploit this vulnerability in order to modify a UEFI variable.

CVE
#vulnerability#ios#bios#auth#dell

Artikkelin sisältö

Vaikutus

Medium

Tiedot

Proprietary Code CVEs

Description

CVSS Base Score

CVSS Vector String

CVE-2022-32482

Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user with admin privileges may potentially exploit this vulnerability in order to modify a UEFI variable.

5.6

CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:H/A:L

See the table below for Dell Client BIOS releases containing resolutions to these vulnerabilities. Dell Technologies recommends all customers update at the earliest opportunity.

Go to the Drivers & Downloads site for updates on the applicable products. To learn more, see Dell KB article 124211: Dell BIOS Updates, and download the update for your Dell computer.

Customers may use one of the Dell notification solutions to be notified on download driver, BIOS, and firmware updates automatically once available.

Proprietary Code CVEs

Description

CVSS Base Score

CVSS Vector String

CVE-2022-32482

Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user with admin privileges may potentially exploit this vulnerability in order to modify a UEFI variable.

5.6

CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:H/A:L

See the table below for Dell Client BIOS releases containing resolutions to these vulnerabilities. Dell Technologies recommends all customers update at the earliest opportunity.

Go to the Drivers & Downloads site for updates on the applicable products. To learn more, see Dell KB article 124211: Dell BIOS Updates, and download the update for your Dell computer.

Customers may use one of the Dell notification solutions to be notified on download driver, BIOS, and firmware updates automatically once available.

Dell Technologies suosittelee, että kaikki asiakkaat ottavat huomioon sekä CVSS-peruspistemäärän että kaikki asiaankuuluvat väliaikaiset ja ympäristöön liittyvät pisteet, jotka voivat vaikuttaa tietyn tietoturvahaavoittuvuuden mahdolliseen vakavuuteen.

Tuotteet, joihin asia vaikuttaa ja tilanteen korjaaminen

Product

BIOS Update Version

BIOS Release Date

Alienware m15 R6

1.17.0

10-19-2022

Alienware m15 R7

1.10.0

08-08-2022

ChengMing 3900

1.7.3

11-11-2022

Dell G15 5510

1.16.0

10-11-2022

Dell G15 5511

1.18.0

10-11-2022

Dell G15 5520

1.10.0

08-08-2022

Dell G16 7620

1.12.0

10-11-2022

Dell G3 3500

1.20.0

10-07-2022

Dell G5 15 5500

1.20.0

10-07-2022

Dell G7 15 7500

1.19.0

10-06-2022

Dell G7 17 7700

1.19.0

10-06-2022

Inspiron 14 5410 2-in-1

2.15.2

11-15-2022

Inspiron 14 Plus 7420

1.6.1

10-13-2022

Inspiron 15 3511

1.18.2

11-21-2022

Inspiron 16 Plus 7620

1.6.1

10-13-2022

Inspiron 3490

1.21.0

10-10-2022

Inspiron 3493

1.24.0

10-10-2022

Inspiron 3501

1.19.0

10-11-2022

Inspiron 3511

1.18.2

11-21-2022

Inspiron 3520

1.8.2

11-11-2022

Inspiron 3590

1.21.0

10-10-2022

Inspiron 3593

1.24.0

10-10-2022

Inspiron 3790

1.21.0

10-10-2022

Inspiron 3793

1.24.0

10-10-2022

Inspiron 3891

1.12.0

10-17-2022

Inspiron 3910

1.7.3

11-11-2022

Inspiron 5300

1.17.0

10-11-2022

Inspiron 5301

1.21.0

10-11-2022

Inspiron 5310

2.15.0

10-11-2022

Inspiron 5320

1.3.0

08-08-2022

Inspiron 5390

1.19.0

11-15-2022

Inspiron 5391

1.20.0

11-15-2022

Inspiron 5400 2-in-1

1.18.0

10-12-2022

Inspiron 5401

1.18.0

10-11-2022

Inspiron 5402

1.18.0

10-11-2022

Inspiron 5406 2-in-1

1.18.0

10-11-2022

Inspiron 5408

1.18.0

10-11-2022

Inspiron 5409

1.18.0

10-11-2022

Inspiron 5410 All-In-One

1.4.0

08-09-2022

Inspiron 5420

1.6.0

08-08-2022

Inspiron 5490

1.21.0

11-16-2022

Inspiron 5491 2-in-1

1.17.0

11-15-2022

Inspiron 5493

1.24.0

10-10-2022

Inspiron 5494

1.21.0

10-10-2022

Inspiron 5498

1.21.0

11-16-2022

Inspiron 5501

1.18.0

10-11-2022

Inspiron 5502

1.18.0

10-11-2022

Inspiron 5508

1.18.0

10-11-2022

Inspiron 5509

1.18.0

10-11-2022

Inspiron 5510

2.15.2

11-15-2022

Inspiron 5583

1.21.0

10-04-2022

Inspiron 5584

1.21.0

10-04-2022

Inspiron 5590

1.21.0

11-16-2022

Inspiron 5591 2-in-1

1.17.0

11-15-2022

Inspiron 5593

1.24.0

10-10-2022

Inspiron 5594

1.21.0

10-10-2022

Inspiron 5598

1.21.0

11-16-2022

Inspiron 5620

1.6.0

08-08-2022

Inspiron 7000

1.20.0

11-15-2022

Inspiron 7300

1.21.0

10-11-2022

Inspiron 7300 2-in-1

1.13.0

10-12-2022

Inspiron 7306 2-in-1

1.18.0

10-12-2022

Inspiron 7391

1.18.0

11-15-2022

Inspiron 7400

1.21.0

10-11-2022

Inspiron 7420

1.4.0

08-08-2022

Inspiron 7490

1.17.0

10-11-2022

Inspiron 7500

1.18.0

10-07-2022

Inspiron 7500 2-in-1 Black

1.13.0

10-12-2022

Inspiron 7500 2-in-1 Silver

1.18.0

10-12-2022

Inspiron 7501

1.18.0

10-07-2022

Inspiron 7506 2-in-1

1.18.0

10-11-2022

Inspiron 7510

1.12.0

10-12-2022

Inspiron 7591

1.18.0

11-15-2022

Inspiron 7610

1.12.0

10-12-2022

Inspiron 7620

1.4.0

08-08-2022

Inspiron 7706 2-in-1

1.18.0

10-11-2022

Inspiron 7710

1.4.0

08-09-2022

Inspiron 7791

1.18.0

11-15-2022

Latitude 3301

1.24.0

11-15-2022

Latitude 3320

1.18.2

11-15-2022

Latitude 3330

1.8.0

12-12-2022

Latitude 3400

1.26.0

10-12-2022

Latitude 3410

1.20.2

11-21-2022

Latitude 3420

1.23.2

11-07-2022

Latitude 3430

1.4.0

10-07-2022

Latitude 3500

1.26.0

10-12-2022

Latitude 3510

1.20.2

11-21-2022

Latitude 3520

1.23.2

11-07-2022

Latitude 3530

1.4.0

10-07-2022

Table continued in the Additional Information section below.

Product

BIOS Update Version

BIOS Release Date

Alienware m15 R6

1.17.0

10-19-2022

Alienware m15 R7

1.10.0

08-08-2022

ChengMing 3900

1.7.3

11-11-2022

Dell G15 5510

1.16.0

10-11-2022

Dell G15 5511

1.18.0

10-11-2022

Dell G15 5520

1.10.0

08-08-2022

Dell G16 7620

1.12.0

10-11-2022

Dell G3 3500

1.20.0

10-07-2022

Dell G5 15 5500

1.20.0

10-07-2022

Dell G7 15 7500

1.19.0

10-06-2022

Dell G7 17 7700

1.19.0

10-06-2022

Inspiron 14 5410 2-in-1

2.15.2

11-15-2022

Inspiron 14 Plus 7420

1.6.1

10-13-2022

Inspiron 15 3511

1.18.2

11-21-2022

Inspiron 16 Plus 7620

1.6.1

10-13-2022

Inspiron 3490

1.21.0

10-10-2022

Inspiron 3493

1.24.0

10-10-2022

Inspiron 3501

1.19.0

10-11-2022

Inspiron 3511

1.18.2

11-21-2022

Inspiron 3520

1.8.2

11-11-2022

Inspiron 3590

1.21.0

10-10-2022

Inspiron 3593

1.24.0

10-10-2022

Inspiron 3790

1.21.0

10-10-2022

Inspiron 3793

1.24.0

10-10-2022

Inspiron 3891

1.12.0

10-17-2022

Inspiron 3910

1.7.3

11-11-2022

Inspiron 5300

1.17.0

10-11-2022

Inspiron 5301

1.21.0

10-11-2022

Inspiron 5310

2.15.0

10-11-2022

Inspiron 5320

1.3.0

08-08-2022

Inspiron 5390

1.19.0

11-15-2022

Inspiron 5391

1.20.0

11-15-2022

Inspiron 5400 2-in-1

1.18.0

10-12-2022

Inspiron 5401

1.18.0

10-11-2022

Inspiron 5402

1.18.0

10-11-2022

Inspiron 5406 2-in-1

1.18.0

10-11-2022

Inspiron 5408

1.18.0

10-11-2022

Inspiron 5409

1.18.0

10-11-2022

Inspiron 5410 All-In-One

1.4.0

08-09-2022

Inspiron 5420

1.6.0

08-08-2022

Inspiron 5490

1.21.0

11-16-2022

Inspiron 5491 2-in-1

1.17.0

11-15-2022

Inspiron 5493

1.24.0

10-10-2022

Inspiron 5494

1.21.0

10-10-2022

Inspiron 5498

1.21.0

11-16-2022

Inspiron 5501

1.18.0

10-11-2022

Inspiron 5502

1.18.0

10-11-2022

Inspiron 5508

1.18.0

10-11-2022

Inspiron 5509

1.18.0

10-11-2022

Inspiron 5510

2.15.2

11-15-2022

Inspiron 5583

1.21.0

10-04-2022

Inspiron 5584

1.21.0

10-04-2022

Inspiron 5590

1.21.0

11-16-2022

Inspiron 5591 2-in-1

1.17.0

11-15-2022

Inspiron 5593

1.24.0

10-10-2022

Inspiron 5594

1.21.0

10-10-2022

Inspiron 5598

1.21.0

11-16-2022

Inspiron 5620

1.6.0

08-08-2022

Inspiron 7000

1.20.0

11-15-2022

Inspiron 7300

1.21.0

10-11-2022

Inspiron 7300 2-in-1

1.13.0

10-12-2022

Inspiron 7306 2-in-1

1.18.0

10-12-2022

Inspiron 7391

1.18.0

11-15-2022

Inspiron 7400

1.21.0

10-11-2022

Inspiron 7420

1.4.0

08-08-2022

Inspiron 7490

1.17.0

10-11-2022

Inspiron 7500

1.18.0

10-07-2022

Inspiron 7500 2-in-1 Black

1.13.0

10-12-2022

Inspiron 7500 2-in-1 Silver

1.18.0

10-12-2022

Inspiron 7501

1.18.0

10-07-2022

Inspiron 7506 2-in-1

1.18.0

10-11-2022

Inspiron 7510

1.12.0

10-12-2022

Inspiron 7591

1.18.0

11-15-2022

Inspiron 7610

1.12.0

10-12-2022

Inspiron 7620

1.4.0

08-08-2022

Inspiron 7706 2-in-1

1.18.0

10-11-2022

Inspiron 7710

1.4.0

08-09-2022

Inspiron 7791

1.18.0

11-15-2022

Latitude 3301

1.24.0

11-15-2022

Latitude 3320

1.18.2

11-15-2022

Latitude 3330

1.8.0

12-12-2022

Latitude 3400

1.26.0

10-12-2022

Latitude 3410

1.20.2

11-21-2022

Latitude 3420

1.23.2

11-07-2022

Latitude 3430

1.4.0

10-07-2022

Latitude 3500

1.26.0

10-12-2022

Latitude 3510

1.20.2

11-21-2022

Latitude 3520

1.23.2

11-07-2022

Latitude 3530

1.4.0

10-07-2022

Table continued in the Additional Information section below.

Versiohistoria

Revision

Date

Description

1.0

2022-12-15

Initial Release

Asiaan liittyvät tiedot

Dell Security Advisories and Notices
Dell Vulnerability Response Policy
CVSS Scoring Guide

Lisätietoja

Table continued from the Affected Products and Remediation section above.

Product

BIOS Update Version

BIOS Release Date

Latitude 5320

1.24.3

11-16-2022

Latitude 5330

1.5.0

08-01-2022

Latitude 5420

1.22.0

10-17-2022

Latitude 5430

1.8.3

11-24-2022

Latitude 5431

1.7.0

10-19-2022

Latitude 5521

1.17.3

11-16-2022

Latitude 5530

1.5.0

08-04-2022

Latitude 5531

1.6.0

08-01-2022

Latitude 7320

1.20.0

10-17-2022

Latitude 7320 Detachable

1.17.2

11-22-2022

Latitude 7330

1.6.0

08-09-2022

Latitude 7420

1.20.0

10-17-2022

Latitude 7430

1.6.0

08-09-2022

Latitude 7520

1.20.0

10-17-2022

Latitude 7530

1.6.0

08-09-2022

Latitude 9330

1.3.3

08-09-2022

Latitude 9420

1.16.2

11-22-2022

Latitude 9430

1.6.0

08-09-2022

Latitude 9520

1.17.0

10-17-2022

Latitude Rugged 5430

1.12.0

10-11-2022

Latitude Rugged 7330

1.12.0

10-11-2022

Latitude 5421

1.15.0

10-17-2022

OptiPlex 3000

1.4.1

08-11-2022

OptiPlex 3000 Thin Client

1.5.3

11-21-2022

OptiPlex 3090 Ultra

1.15.0

10-12-2022

OptiPlex 5000

1.4.1

08-11-2022

OptiPlex 5090

1.12.0

10-17-2022

OptiPlex 5400

1.1.15

08-25-2022

OptiPlex 5490 All-In-One

1.15.0

10-11-2022

OptiPlex 7000

1.4.1

08-11-2022

OptiPlex 7000 OEM

1.4.1

08-10-2022

OptiPlex 7090

1.12.0

10-11-2022

OptiPlex 7090 Ultra

1.15.0

10-12-2022

OptiPlex 7400

1.1.15

08-25-2022

OptiPlex 7490 All-In-One

1.15.0

10-11-2022

Precision 3450

1.12.0

10-11-2022

Precision 3460 Small Form Factor

1.4.2

08-11-2022

Precision 3470

1.7.0

10-17-2022

Precision 3560

1.24.3

11-16-2022

Precision 3561

1.17.3

11-16-2022

Precision 3570

1.5.0

08-04-2022

Precision 3571

1.6.0

08-01-2022

Precision 3650 Tower

1.16.0

10-11-2022

Precision 3660

1.4.0

08-09-2022

Precision 5470

1.5.0

08-16-2022

Precision 5550

1.19.0

10-12-2022

Precision 5560

1.15.2

11-21-2022

Precision 5570

1.5.0

08-16-2022

Precision 5750

1.20.0

10-11-2022

Precision 5760

1.15.2

11-16-2022

Precision 5770

1.9.0

08-16-2022

Precision 7560

1.16.0

10-14-2022

Precision 7670

1.7.1

11-14-2022

Precision 7760

1.16.0

10-14-2022

Precision 7770

1.7.1

11-14-2022

Vostro 3400

1.19.0

10-11-2022

Vostro 3401

1.19.0

10-11-2022

Vostro 3420

1.8.2

11-11-2022

Vostro 3490

1.21.0

10-10-2022

Vostro 3500

1.19.0

10-11-2022

Vostro 3501

1.19.0

10-11-2022

Vostro 3510

1.18.2

11-21-2022

Vostro 3520

1.8.2

11-11-2022

Vostro 3590

1.21.0

10-10-2022

Vostro 3690

1.12.0

10-17-2022

Vostro 3710

1.7.3

11-11-2022

Vostro 3890

1.12.0

10-17-2022

Vostro 3910

1.7.3

11-11-2022

Vostro 5300

1.17.0

10-11-2022

Vostro 5301

1.21.0

10-11-2022

Vostro 5310

2.15.0

10-11-2022

Vostro 5390

1.19.0

11-15-2022

Vostro 5391

1.20.0

11-15-2022

Vostro 5401

1.18.0

10-11-2022

Vostro 5402

1.18.0

10-11-2022

Vostro 5410

2.15.2

11-15-2022

Vostro 5490

1.21.0

11-16-2022

Vostro 5491

1.24.0

10-10-2022

Vostro 5501

1.18.0

10-11-2022

Vostro 5502

1.18.0

10-11-2022

Vostro 5510

2.15.2

11-15-2022

Vostro 5590

1.21.0

11-16-2022

Vostro 5591

1.24.0

10-10-2022

Vostro 5620

1.6.0

08-08-2022

Vostro 5890

1.12.0

10-11-2022

Vostro 7500

1.18.0

10-07-2022

Vostro 7510

1.12.0

10-12-2022

XPS 13 9305

1.10.0

10-18-2022

XPS 13 7390

1.18.0

10-13-2022

XPS 13 7390 2-in-1

1.20.0

10-13-2022

XPS 13 9300

1.15.0

10-12-2022

XPS 13 9310

3.11.0

10-12-2022

XPS 13 9310 2-in-1

2.14.0

10-12-2022

XPS 13 9315

1.2.0

08-16-2022

XPS 13 9320

1.6.0

08-10-2022

XPS 15 9500

1.19.0

10-11-2022

XPS 15 9510

1.15.2

11-21-2022

XPS 15 9520

1.5.0

08-16-2022

XPS 17 9700

1.20.0

10-11-2022

XPS 17 9710

1.15.2

11-14-2022

XPS 17 9720

1.9.0

08-16-2022

Artikkelin ominaisuudet

Tuote, johon asia vaikuttaa

Alienware m15 R6, Alienware m15 R7, Dell G5 15 5500, Dell G15 5510, Dell G15 5511, Dell G15 5520, Dell G7 15 7500, Dell G16 7620, Dell G7 17 7700, Inspiron 5300, Inspiron 5301, Inspiron 5390, Inspiron 5391, Inspiron 7300 2-in-1, Inspiron 7300 , Inspiron 7391 2-in-1, Inspiron 7391, Inspiron 3490, Inspiron 3493, Inspiron 5400 2-in-1, Inspiron 5401/5408, Inspiron 5402/5409, Inspiron 5406 2-in-1, Inspiron 14 5410 2-in-1, Inspiron 5493, Inspiron 5494, Inspiron 5498, Inspiron 7400, Inspiron 7490, Inspiron 3501, Inspiron 15 3511, Inspiron 3520 (End of Life), Inspiron 3590, Inspiron 3593, Inspiron 5501/5508, Inspiron 5502/5509, Inspiron 5590, Inspiron 5591 2-in-1, Inspiron 5593, Inspiron 5594, Inspiron 5598, Inspiron 7500 2-in-1 Black, Inspiron 7500 2-in-1 Silver, Inspiron 7500, Inspiron 7501, Inspiron 7506 2-in-1, Inspiron 7591, Inspiron 16 Plus 7620, Inspiron 3790, Inspiron 3793, Inspiron 7706 2-in-1, Inspiron 5491 AIO, Inspiron 3891, Inspiron 3910, Inspiron 7000, Latitude 3301, Latitude 3320, Latitude 3330, Latitude 5320, Latitude 5330, Latitude 7320, Latitude 7320 Detachable, Latitude 7330, Latitude 7330 Rugged Extreme, Latitude 3410, Latitude 3420, Latitude 3430, Latitude 5421, Latitude 5430 Rugged, Latitude 5431, Latitude 7420, Latitude 7430, Latitude 9420, Latitude 9430, Latitude 3500, Latitude 3510, Latitude 3520, Latitude 3530, Latitude 5521, Latitude 5530, Latitude 5531, Latitude 7520, Latitude 7530, Latitude 9520, Latitude 5420, Latitude 5430, OptiPlex 3000, OptiPlex 3000 Thin Client, OptiPlex 3090, OptiPlex 3090 Ultra, Optiplex 5000, OptiPlex 5090, OptiPlex 5490 All-In-One, OptiPlex 7000, OptiPlex 7090, OptiPlex 7090 Ultra, OptiPlex 7490 All-In-One, Precision 3470, Precision 5470, Precision 3560, Precision 3561, Precision 3570, Precision 3571, Precision 5550, Precision 5570, Precision 7560, Precision 7670, Precision 5750, Precision 5760, Precision 5770, Precision 7760, Precision 7770, Precision 3460 Small Form Factor, Precision 3650 Tower, Product Security Information, Vostro 5300, Vostro 5301, Vostro 13 5310, Vostro 5390, Vostro 3400, Vostro 3401, Vostro 3420, Vostro 3490, Vostro 5401, Vostro 5402, Vostro 5490, Vostro 3500, Vostro 3501, Vostro 3520, Vostro 3590, Vostro 5501, Vostro 5502, Vostro 5590, Vostro 7500, Vostro 5620, Vostro 3690, Vostro 3710, Vostro 3890, Vostro 3910, Vostro 5890, XPS 13 7390 2-in-1, XPS 13 7390, XPS 13 9300, XPS 13 9305, XPS 13 9310 2-in-1, XPS 13 9310, XPS 13 9315, XPS 15 9500, XPS 15 9510, XPS 15 9520, XPS 17 9700, XPS 17 9710, XPS 17 9720 …

Edellinen julkaisupäivä

16 jouluk. 2022

Versio

1

Artikkelin tyyppi

Dell Security Advisory

CVE: Latest News

CVE-2023-50976: Transactions API Authorization by oleiman · Pull Request #14969 · redpanda-data/redpanda
CVE-2023-6905
CVE-2023-6903
CVE-2023-6904
CVE-2023-3907