Security
Headlines
HeadlinesLatestCVEs

Headline

CVE-2022-34405: DSA-2022-316: Dell Client Security Update for a Realtek High Definition Audio Driver Vulnerability

An improper access control vulnerability was identified in the Realtek audio driver. A local authenticated malicious user may potentially exploit this vulnerability by waiting for an administrator to launch the application and attach to the process to elevate privileges on the system.

CVE
#vulnerability#ios#bios#auth#dell

Vaikutus

High

Tiedot

Proprietary Code CVEs

Description

CVSS Base Score

CVSS Vector String

CVE-2022-34405

An improper access control vulnerability was identified in the Realtek audio driver. A local authenticated attacker may potentially exploit this vulnerability by waiting for an administrator to launch the application and attach to the process to elevate privileges on the system.

7.3

CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H

Dell Technologies recommends all customers update at the earliest opportunity.

Go to the Drivers & Downloads site for updates on the applicable products. To learn more, see Dell KB article 124211: Dell BIOS Updates, and download the update for your Dell computer.

Customers may use one of the Dell notification solutions to be notified on download driver, BIOS, and firmware updates automatically once available.

Proprietary Code CVEs

Description

CVSS Base Score

CVSS Vector String

CVE-2022-34405

An improper access control vulnerability was identified in the Realtek audio driver. A local authenticated attacker may potentially exploit this vulnerability by waiting for an administrator to launch the application and attach to the process to elevate privileges on the system.

7.3

CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H

Dell Technologies recommends all customers update at the earliest opportunity.

Go to the Drivers & Downloads site for updates on the applicable products. To learn more, see Dell KB article 124211: Dell BIOS Updates, and download the update for your Dell computer.

Customers may use one of the Dell notification solutions to be notified on download driver, BIOS, and firmware updates automatically once available.

Dell Technologies suosittelee, että kaikki asiakkaat ottavat huomioon sekä CVSS-peruspistemäärän että kaikki asiaankuuluvat väliaikaiset ja ympäristöön liittyvät pisteet, jotka voivat vaikuttaa tietyn tietoturvahaavoittuvuuden mahdolliseen vakavuuteen.

Tuotteet, joihin asia vaikuttaa ja tilanteen korjaaminen

Product

Module

Update Version

Release Date

Alienware m15 Ryzen Edition R5

Realtek High Definition Audio Driver

6.0.9433.1

12-13-2022

Alienware m15 R6

Realtek High Definition Audio Driver

6.0.9400.1

10-20-2022

Dell G5 5090

Realtek High Definition Audio Driver

6.0.9394.1

10-13-2022

Dell G5 5000

Realtek High Definition Audio Driver

6.0.9394.1

10-13-2022

Alienware Area 51m R2

Realtek High Definition Audio Driver
Realtek Audio Console Application

6.0.9394.1
1.37.275.0

10-19-2022

Dell G7 7500

Realtek High Definition Audio Driver

6.0.9407.1

10-18-2022

Dell G7 7700

Realtek High Definition Audio Driver

6.0.9407.1

10-18-2022

Alienware x15 R1

Realtek High Definition Audio Driver
Realtek Audio Console Application

6.0.9388.1
1.37.275.0

09-12-2022

Alienware x17 R1

Realtek High Definition Audio Driver
Realtek Audio Console Application

6.0.9388.1
1.37.275.0

09-12-2022

Alienware m15 R1

Realtek High Definition Audio Driver
Realtek Audio Console Application

6.0.9394.1
1.37.275.0

10-13-2022

Alienware m17 R1

Realtek High Definition Audio Driver
Realtek Audio Console Application

6.0.9394.1
1.37.275.0

10-13-2022

Dell Gaming G3 3590

Realtek High Definition Audio Driver

6.0.9254.1

10-25-2022

Dell G3 3500

Realtek High Definition Audio Driver

6.0.9422.1

10-31-2022

Dell G5 5500

Realtek High Definition Audio Driver

6.0.9422.1

10-31-2022

Alienware Area 51m R1

Realtek High Definition Audio Driver
Realtek Audio Console Application

6.0.9394.1
1.37.275.0

10-19-2022

Alienware Aurora R8

Realtek High Definition Audio Driver
Realtek Audio Console Application

6.0.9394.1
1.37.275.0

10-12-2022

Dell G15 5515

Realtek High Definition Audio Driver

6.0.9433.1

12-13-2022

Dell G15 5510

Realtek High Definition Audio Driver

6.0.9400.1

10-27-2022

Dell G15 5511

Realtek High Definition Audio Driver

6.0.9400.1

10-26-2022

Alienware Aurora R10

Realtek High Definition Audio Driver
Realtek Audio Console Application

6.0.9394.1
1.37.275.0

10-12-2022

Alienware Aurora R9

Realtek High Definition Audio Driver
Realtek Audio Console Application

6.0.9394.1
1.37.275.0

10-13-2022

Alienware Aurora R11

Realtek High Definition Audio Driver
Realtek Audio Console Application

6.0.9394.1
1.37.275.0

10-12-2022

Alienware Aurora R12

Realtek High Definition Audio Driver
Realtek Audio Console Application

6.0.9394.1
1.37.275.0

10-12-2022

Alienware m15 R3

Realtek High Definition Audio Driver
Realtek Audio Console Application

6.0.9394.1
1.37.275.0

10-19-2022

Alienware m15 R4

Realtek High Definition Audio Driver
Realtek Audio Console Application

6.0.9394.1
1.37.275.0

10-19-2022

Alienware m17 R3

Realtek High Definition Audio Driver
Realtek Audio Console Application

6.0.9394.1
1.37.275.0

10-19-2022

Alienware m17 R4

Realtek High Definition Audio Driver
Realtek Audio Console Application

6.0.9394.1
1.37.275.0

10-19-2022

Dell G5 5590

Realtek High Definition Audio Driver

6.0.9394.1

10-11-2022

Dell G7 7590

Realtek High Definition Audio Driver

6.0.9394.1

10-11-2022

Dell G7 7790

Realtek High Definition Audio Driver

6.0.9394.1

10-11-2022

Alienware Aurora R13

Realtek High Definition Audio Driver

6.0.9388.1

10-12-2022

Alienware m15 R2

Realtek High Definition Audio Driver
Realtek Audio Console Application

6.0.9394.1
1.37.275.0

10-19-2022

Alienware m17 R2

Realtek High Definition Audio Driver
Realtek Audio Console Application

6.0.9394.1
1.37.275.0

10-19-2022

Product

Module

Update Version

Release Date

Alienware m15 Ryzen Edition R5

Realtek High Definition Audio Driver

6.0.9433.1

12-13-2022

Alienware m15 R6

Realtek High Definition Audio Driver

6.0.9400.1

10-20-2022

Dell G5 5090

Realtek High Definition Audio Driver

6.0.9394.1

10-13-2022

Dell G5 5000

Realtek High Definition Audio Driver

6.0.9394.1

10-13-2022

Alienware Area 51m R2

Realtek High Definition Audio Driver
Realtek Audio Console Application

6.0.9394.1
1.37.275.0

10-19-2022

Dell G7 7500

Realtek High Definition Audio Driver

6.0.9407.1

10-18-2022

Dell G7 7700

Realtek High Definition Audio Driver

6.0.9407.1

10-18-2022

Alienware x15 R1

Realtek High Definition Audio Driver
Realtek Audio Console Application

6.0.9388.1
1.37.275.0

09-12-2022

Alienware x17 R1

Realtek High Definition Audio Driver
Realtek Audio Console Application

6.0.9388.1
1.37.275.0

09-12-2022

Alienware m15 R1

Realtek High Definition Audio Driver
Realtek Audio Console Application

6.0.9394.1
1.37.275.0

10-13-2022

Alienware m17 R1

Realtek High Definition Audio Driver
Realtek Audio Console Application

6.0.9394.1
1.37.275.0

10-13-2022

Dell Gaming G3 3590

Realtek High Definition Audio Driver

6.0.9254.1

10-25-2022

Dell G3 3500

Realtek High Definition Audio Driver

6.0.9422.1

10-31-2022

Dell G5 5500

Realtek High Definition Audio Driver

6.0.9422.1

10-31-2022

Alienware Area 51m R1

Realtek High Definition Audio Driver
Realtek Audio Console Application

6.0.9394.1
1.37.275.0

10-19-2022

Alienware Aurora R8

Realtek High Definition Audio Driver
Realtek Audio Console Application

6.0.9394.1
1.37.275.0

10-12-2022

Dell G15 5515

Realtek High Definition Audio Driver

6.0.9433.1

12-13-2022

Dell G15 5510

Realtek High Definition Audio Driver

6.0.9400.1

10-27-2022

Dell G15 5511

Realtek High Definition Audio Driver

6.0.9400.1

10-26-2022

Alienware Aurora R10

Realtek High Definition Audio Driver
Realtek Audio Console Application

6.0.9394.1
1.37.275.0

10-12-2022

Alienware Aurora R9

Realtek High Definition Audio Driver
Realtek Audio Console Application

6.0.9394.1
1.37.275.0

10-13-2022

Alienware Aurora R11

Realtek High Definition Audio Driver
Realtek Audio Console Application

6.0.9394.1
1.37.275.0

10-12-2022

Alienware Aurora R12

Realtek High Definition Audio Driver
Realtek Audio Console Application

6.0.9394.1
1.37.275.0

10-12-2022

Alienware m15 R3

Realtek High Definition Audio Driver
Realtek Audio Console Application

6.0.9394.1
1.37.275.0

10-19-2022

Alienware m15 R4

Realtek High Definition Audio Driver
Realtek Audio Console Application

6.0.9394.1
1.37.275.0

10-19-2022

Alienware m17 R3

Realtek High Definition Audio Driver
Realtek Audio Console Application

6.0.9394.1
1.37.275.0

10-19-2022

Alienware m17 R4

Realtek High Definition Audio Driver
Realtek Audio Console Application

6.0.9394.1
1.37.275.0

10-19-2022

Dell G5 5590

Realtek High Definition Audio Driver

6.0.9394.1

10-11-2022

Dell G7 7590

Realtek High Definition Audio Driver

6.0.9394.1

10-11-2022

Dell G7 7790

Realtek High Definition Audio Driver

6.0.9394.1

10-11-2022

Alienware Aurora R13

Realtek High Definition Audio Driver

6.0.9388.1

10-12-2022

Alienware m15 R2

Realtek High Definition Audio Driver
Realtek Audio Console Application

6.0.9394.1
1.37.275.0

10-19-2022

Alienware m17 R2

Realtek High Definition Audio Driver
Realtek Audio Console Application

6.0.9394.1
1.37.275.0

10-19-2022

Kiitokset

CVE-2022-34405: Dell Technologies would like to thank khangkito for reporting this issue.

Versiohistoria

Revision

Date

Description

1.0

2022-12-16

Initial Release

Asiaan liittyvät tiedot

Dell Security Advisories and Notices
Dell Vulnerability Response Policy
CVSS Scoring Guide

Alienware Area-51m, Alienware Area-51m R2, Alienware Aurora R13, Alienware Aurora R8, Alienware Aurora R9, Alienware m15 R2, Alienware m15 R3, Alienware m15 R4, Alienware m15 Ryzen Edition R5, Alienware m15 R6, Alienware m17, Alienware m17 R2 , Alienware m17 R3, Alienware m17 R4, Alienware x15 R1, Alienware x17 R1, Alienware Area-51m, Dell G3 15 3500, Dell G3 15 3590, Dell G5 15 5500, Dell G15 5510, Dell G15 5511, Dell G15 5515 Ryzen Edition, Dell G5 15 5590, Dell G7 15 7500, Dell G7 15 7590, Dell G7 17 7700, Dell G7 17 7790, Dell G5 5000, Dell G5 5090, Product Security Information …

19 jouluk. 2022

CVE: Latest News

CVE-2023-50976: Transactions API Authorization by oleiman · Pull Request #14969 · redpanda-data/redpanda
CVE-2023-6905
CVE-2023-6903
CVE-2023-6904
CVE-2023-3907