CVE-2022-32490

high

Description

Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user may potentially exploit this vulnerability by using an SMI to gain arbitrary code execution in SMRAM.

References

https://www.dell.com/support/kbdoc/000204685

Details

Source: MITRE

Published: 2023-01-18

Updated: 2023-01-25

Type: CWE-20

CVSS v3

Base Score: 7.8

Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H

Impact Score: 6

Exploitability Score: 1.1

Severity: HIGH