dell alienware_m15_r5_firmware 输入验证不恰当

CVE编号

CVE-2022-26862

利用情况

暂无

补丁情况

N/A

披露时间

2022-06-24
漏洞描述
Prior Dell BIOS versions contain an Input Validation vulnerability. A locally authenticated malicious user could potentially exploit this vulnerability by sending malicious input to an SMI in order to bypass security controls in SMM.
解决建议
建议您更新当前系统或软件至最新版,完成漏洞的修复。
受影响软件情况
# 类型 厂商 产品 版本 影响面
1
运行在以下环境
系统 dell alienware_m15_r5_firmware * Up to
(excluding)
1.5.0
运行在以下环境
系统 dell g15_5515_firmware * Up to
(excluding)
1.6.0
运行在以下环境
系统 dell g5_se_5505_firmware * Up to
(excluding)
1.11.0
运行在以下环境
系统 dell inspiron_14_5425_firmware * Up to
(excluding)
1.2.1
运行在以下环境
系统 dell inspiron_27_7775_firmware * Up to
(excluding)
2.16.1
运行在以下环境
系统 dell inspiron_3180_firmware * Up to
(excluding)
1.4.4
运行在以下环境
系统 dell inspiron_3185_firmware * Up to
(excluding)
1.4.4
运行在以下环境
系统 dell inspiron_3195_firmware * Up to
(excluding)
1.4.1
运行在以下环境
系统 dell inspiron_3275_firmware * Up to
(excluding)
1.9.0
运行在以下环境
系统 dell inspiron_3475_firmware * Up to
(excluding)
1.9.0
运行在以下环境
系统 dell inspiron_3505_firmware * Up to
(excluding)
1.6.0
运行在以下环境
系统 dell inspiron_3515_firmware * Up to
(excluding)
1.5.0
运行在以下环境
系统 dell inspiron_3525_firmware * Up to
(excluding)
1.3.0
运行在以下环境
系统 dell inspiron_3585_firmware * Up to
(excluding)
1.7.0
运行在以下环境
系统 dell inspiron_3595_firmware * Up to
(excluding)
1.3.0
运行在以下环境
系统 dell inspiron_3785_firmware * Up to
(excluding)
1.7.0
运行在以下环境
系统 dell inspiron_5405_firmware * Up to
(excluding)
1.7.0
运行在以下环境
系统 dell inspiron_5415_all-in-one_firmware * Up to
(excluding)
1.5.0
运行在以下环境
系统 dell inspiron_5415_firmware * Up to
(excluding)
1.9.0
运行在以下环境
系统 dell inspiron_5485_firmware * Up to
(excluding)
2.8.0
运行在以下环境
系统 dell inspiron_5505_firmware * Up to
(excluding)
1.7.0
运行在以下环境
系统 dell inspiron_5515_firmware * Up to
(excluding)
1.9.0
运行在以下环境
系统 dell inspiron_5575_firmware * Up to
(excluding)
1.6.0
运行在以下环境
系统 dell inspiron_5585_firmware * Up to
(excluding)
2.8.0
运行在以下环境
系统 dell inspiron_7375_firmware * Up to
(excluding)
1.7.0
运行在以下环境
系统 dell inspiron_7405_firmware * Up to
(excluding)
1.8.0
运行在以下环境
系统 dell inspiron_7415_firmware * Up to
(excluding)
1.9.0
运行在以下环境
系统 dell inspiron_7425_firmware * Up to
(excluding)
1.2.1
运行在以下环境
系统 dell vostro_3405_firmware * Up to
(excluding)
1.6.0
运行在以下环境
系统 dell vostro_3515_firmware * Up to
(excluding)
1.5.0
运行在以下环境
系统 dell vostro_3525_firmware * Up to
(excluding)
1.3.0
运行在以下环境
系统 dell vostro_5415_firmware * Up to
(excluding)
1.9.0
运行在以下环境
系统 dell vostro_5515_firmware * Up to
(excluding)
1.9.0
运行在以下环境
系统 dell vostro_5625_firmware * Up to
(excluding)
1.2.1
运行在以下环境
硬件 dell alienware_m15_r5 - -
运行在以下环境
硬件 dell g15_5515 - -
运行在以下环境
硬件 dell g5_se_5505 - -
运行在以下环境
硬件 dell inspiron_14_5425 - -
运行在以下环境
硬件 dell inspiron_27_7775 - -
运行在以下环境
硬件 dell inspiron_3180 - -
运行在以下环境
硬件 dell inspiron_3185 - -
运行在以下环境
硬件 dell inspiron_3195 - -
运行在以下环境
硬件 dell inspiron_3275 - -
运行在以下环境
硬件 dell inspiron_3475 - -
运行在以下环境
硬件 dell inspiron_3505 - -
运行在以下环境
硬件 dell inspiron_3515 - -
运行在以下环境
硬件 dell inspiron_3525 - -
运行在以下环境
硬件 dell inspiron_3585 - -
运行在以下环境
硬件 dell inspiron_3595 - -
运行在以下环境
硬件 dell inspiron_3785 - -
运行在以下环境
硬件 dell inspiron_5405 - -
运行在以下环境
硬件 dell inspiron_5415 - -
运行在以下环境
硬件 dell inspiron_5415_all-in-one - -
运行在以下环境
硬件 dell inspiron_5485 - -
运行在以下环境
硬件 dell inspiron_5505 - -
运行在以下环境
硬件 dell inspiron_5515 - -
运行在以下环境
硬件 dell inspiron_5575 - -
运行在以下环境
硬件 dell inspiron_5585 - -
运行在以下环境
硬件 dell inspiron_7375 - -
运行在以下环境
硬件 dell inspiron_7405 - -
运行在以下环境
硬件 dell inspiron_7415 - -
运行在以下环境
硬件 dell inspiron_7425 - -
运行在以下环境
硬件 dell vostro_3405 - -
运行在以下环境
硬件 dell vostro_3515 - -
运行在以下环境
硬件 dell vostro_3525 - -
运行在以下环境
硬件 dell vostro_5415 - -
运行在以下环境
硬件 dell vostro_5515 - -
运行在以下环境
硬件 dell vostro_5625 - -
CVSS3评分
7.8
  • 攻击路径
    本地
  • 攻击复杂度
  • 权限要求
  • 影响范围
    未更改
  • 用户交互
  • 可用性
  • 保密性
  • 完整性
CWE-ID 漏洞类型
CWE-20 输入验证不恰当
阿里云安全产品覆盖情况