CVE-2022-34400

7.1

HIGH

Dell BIOS SMM Heapy

Description

Dell BIOS contains a heap buffer overflow vulnerability. A local attacker with admin privileges could potentially exploit this vulnerability to perform an arbitrary write to SMRAM during SMM.

INFO

Published Date :

Feb. 1, 2023, 5:15 a.m.

Last Modified :

Nov. 7, 2023, 3:48 a.m.

Source :

[email protected]

Remotely Exploitable :

No

Impact Score :

5.2

Exploitability Score :

1.8

Affected Products

The following products are affected by CVE-2022-34400 vulnerability. Even if cvefeed.io is aware of the exact versions of the products that are affected, the information is not represented in the table below.

ID	Vendor	Product
1	Dell	cpg_bios
2	Dell	g5_se_5505_firmware
3	Dell	inspiron_3195_2-in-1_firmware
4	Dell	inspiron_3275_firmware
5	Dell	inspiron_3475_firmware
6	Dell	inspiron_3505_firmware
7	Dell	inspiron_3515_firmware
8	Dell	inspiron_3585_firmware
9	Dell	inspiron_3595_firmware
10	Dell	inspiron_3785_firmware
11	Dell	inspiron_5405_firmware
12	Dell	inspiron_5415_firmware
13	Dell	inspiron_5485_firmware
14	Dell	inspiron_5485_2-in-1_firmware
15	Dell	inspiron_5505_firmware
16	Dell	inspiron_5515_firmware
17	Dell	inspiron_5585_firmware
18	Dell	inspiron_7405_2-in-1_firmware
19	Dell	inspiron_7415_firmware
20	Dell	vostro_3405_firmware
21	Dell	vostro_3515_firmware
22	Dell	vostro_5415_firmware
23	Dell	vostro_5515_firmware
24	Dell	g15_5515_firmware
25	Dell	g15_5525_firmware
26	Dell	inspiron_3525_firmware
27	Dell	inspiron_7425_firmware
28	Dell	vostro_3525_firmware
29	Dell	vostro_5625_firmware
30	Dell	alienware_m15_ryzen_edition_r5_firmware
31	Dell	vostro_3425_firmware
32	Dell	alienware_m15_r6_firmware
33	Dell	alienware_m15_r7_firmware
34	Dell	g15_5510_firmware
35	Dell	g15_5511_firmware
36	Dell	inspiron_15_3511_firmware
37	Dell	inspiron_3891_firmware
38	Dell	inspiron_5310_firmware
39	Dell	inspiron_5410_firmware
40	Dell	inspiron_7510_firmware
41	Dell	inspiron_7610_firmware
42	Dell	latitude_3320_firmware
43	Dell	latitude_3420_firmware
44	Dell	latitude_3520_firmware
45	Dell	latitude_5320_firmware
46	Dell	latitude_5420_firmware
47	Dell	latitude_5520_firmware
48	Dell	latitude_5521_firmware
49	Dell	latitude_7320_detachable_firmware
50	Dell	latitude_9420_firmware
51	Dell	latitude_9520_firmware
52	Dell	latitude_rugged_5430_firmware
53	Dell	latitude_rugged_7330_firmware
54	Dell	latitude_5421_firmware
55	Dell	optiplex_5090_firmware
56	Dell	optiplex_5490_all-in-one_firmware
57	Dell	optiplex_7090_ultra_firmware
58	Dell	precision_3450_firmware
59	Dell	precision_3560_firmware
60	Dell	precision_3561_firmware
61	Dell	precision_3650_tower_firmware
62	Dell	precision_5560_firmware
63	Dell	precision_5760_firmware
64	Dell	precision_7560_firmware
65	Dell	precision_7760_firmware
66	Dell	vostro_3510_firmware
67	Dell	vostro_3690_firmware
68	Dell	vostro_3890_firmware
69	Dell	vostro_5310_firmware
70	Dell	vostro_5410_firmware
71	Dell	vostro_5510_firmware
72	Dell	vostro_5890_firmware
73	Dell	vostro_7510_firmware
74	Dell	xps_15_9510_firmware
75	Dell	xps_17_9710_firmware
76	Dell	latitude_7320_firmware
77	Dell	latitude_7420_firmware
78	Dell	latitude_7520_firmware
79	Dell	optiplex_7090_tower_firmware
80	Dell	inspiron_5510_firmware
81	Dell	alienware_m17_r5_amd_firmware
82	Dell	inspiron_14_5410_2-in-1_firmware
83	Dell	inspiron_5425_firmware
84	Dell	optiplex_7090_aio_firmware

: Total Affected Vendor : 1 | Products : 84

References to Advisories, Solutions, and Tools

Here, you will find a curated list of external links that provide in-depth information, practical solutions, and valuable tools related to CVE-2022-34400.

URL	Resource
https://www.dell.com/support/kbdoc/en-us/000205716/dsa-2022-327	Vendor Advisory

We scan GitHub repositories to detect new proof-of-concept exploits. Following list is a collection of public exploits and proof-of-concepts, which have been published on GitHub (sorted by the most recently updated).

Results are limited to the first 15 repositories due to potential performance issues.

The following list is the news that have been mention CVE-2022-34400 vulnerability anywhere in the article.

The following table lists the changes that have been made to the CVE-2022-34400 vulnerability over time.

Vulnerability history details can be useful for understanding the evolution of a vulnerability, and for identifying the most recent changes that may impact the vulnerability's severity, exploitability, or other characteristics.

CVE Modified by [email protected]

May. 14, 2024

Action Type Old Value New Value

CVE Modified by [email protected]

Nov. 07, 2023

Action	Type	Old Value	New Value
Changed	Description	Dell BIOS contains a heap buffer overflow vulnerability. A local attacker with admin privileges could potentially exploit this vulnerability to perform an arbitrary write to SMRAM during SMM.	Dell BIOS contains a heap buffer overflow vulnerability. A local attacker with admin privileges could potentially exploit this vulnerability to perform an arbitrary write to SMRAM during SMM.

Initial Analysis by [email protected]

Feb. 09, 2023

Action	Type	Old Value	New Value
Added	CVSS V3.1		NIST AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H
Changed	Reference Type	https://www.dell.com/support/kbdoc/en-us/000205716/dsa-2022-327 No Types Assigned	https://www.dell.com/support/kbdoc/en-us/000205716/dsa-2022-327 Vendor Advisory
Added	CWE		NIST CWE-787
Added	CPE Configuration		AND OR cpe:2.3:o:dell:alienware_m15_r6_firmware::::::::* versions up to (excluding) 1.17.0 OR cpe:2.3:h:dell:alienware_m15_r6:-:::::::*
Added	CPE Configuration		AND OR cpe:2.3:o:dell:alienware_m15_r7_firmware::::::::* versions up to (excluding) 1.4.3 OR cpe:2.3:h:dell:alienware_m15_r7:-:::::::*
Added	CPE Configuration		AND OR cpe:2.3:o:dell:alienware_m15_ryzen_edition_r5_firmware::::::::* versions up to (excluding) 1.8.0 OR cpe:2.3:h:dell:alienware_m15_ryzen_edition_r5:-:::::::*
Added	CPE Configuration		AND OR cpe:2.3:o:dell:alienware_m17_r5_amd_firmware::::::::* versions up to (excluding) 1.4.3 OR cpe:2.3:h:dell:alienware_m17_r5_amd:-:::::::*
Added	CPE Configuration		AND OR cpe:2.3:o:dell:g15_5510_firmware::::::::* versions up to (excluding) 1.16.0 OR cpe:2.3:h:dell:g15_5510:-:::::::*
Added	CPE Configuration		AND OR cpe:2.3:o:dell:g15_5511_firmware::::::::* versions up to (excluding) 1.18.0 OR cpe:2.3:h:dell:g15_5511:-:::::::*
Added	CPE Configuration		AND OR cpe:2.3:o:dell:g15_5515_firmware::::::::* versions up to (excluding) 1.8.0 OR cpe:2.3:h:dell:g15_5515:-:::::::*
Added	CPE Configuration		AND OR cpe:2.3:o:dell:g15_5525_firmware::::::::* versions up to (excluding) 1.4.3 OR cpe:2.3:h:dell:g15_5525:-:::::::*
Added	CPE Configuration		AND OR cpe:2.3:o:dell:g5_se_5505_firmware::::::::* versions up to (excluding) 1.13.0 OR cpe:2.3:h:dell:g5_se_5505:-:::::::*
Added	CPE Configuration		AND OR cpe:2.3:o:dell:inspiron_14_5410_2-in-1_firmware::::::::* versions up to (excluding) 2.15.2 OR cpe:2.3:h:dell:inspiron_14_5410_2-in-1:-:::::::*
Added	CPE Configuration		AND OR cpe:2.3:o:dell:inspiron_15_3511_firmware::::::::* versions up to (excluding) 1.18.2 OR cpe:2.3:h:dell:inspiron_15_3511:-:::::::*
Added	CPE Configuration		AND OR cpe:2.3:o:dell:inspiron_3195_2-in-1_firmware::::::::* versions up to (excluding) 1.6.0 OR cpe:2.3:h:dell:inspiron_3195_2-in-1:-:::::::*
Added	CPE Configuration		AND OR cpe:2.3:o:dell:inspiron_3275_firmware::::::::* versions up to (excluding) 1.9.2 OR cpe:2.3:h:dell:inspiron_3275:-:::::::*
Added	CPE Configuration		AND OR cpe:2.3:o:dell:inspiron_3475_firmware::::::::* versions up to (excluding) 1.9.2 OR cpe:2.3:h:dell:inspiron_3475:-:::::::*
Added	CPE Configuration		AND OR cpe:2.3:o:dell:inspiron_3505_firmware::::::::* versions up to (excluding) 1.9.0 OR cpe:2.3:h:dell:inspiron_3505:-:::::::*
Added	CPE Configuration		AND OR cpe:2.3:o:dell:inspiron_3515_firmware::::::::* versions up to (excluding) 1.9.0 OR cpe:2.3:h:dell:inspiron_3515:-:::::::*
Added	CPE Configuration		AND OR cpe:2.3:o:dell:inspiron_3525_firmware::::::::* versions up to (excluding) 1.5.0 OR cpe:2.3:h:dell:inspiron_3525:-:::::::*
Added	CPE Configuration		AND OR cpe:2.3:o:dell:inspiron_3585_firmware::::::::* versions up to (excluding) 1.10.0 OR cpe:2.3:h:dell:inspiron_3585:-:::::::*
Added	CPE Configuration		AND OR cpe:2.3:o:dell:inspiron_3595_firmware::::::::* versions up to (excluding) 1.5.0 OR cpe:2.3:h:dell:inspiron_3595:-:::::::*
Added	CPE Configuration		AND OR cpe:2.3:o:dell:inspiron_3785_firmware::::::::* versions up to (excluding) 1.10.0 OR cpe:2.3:h:dell:inspiron_3785:-:::::::*
Added	CPE Configuration		AND OR cpe:2.3:o:dell:inspiron_3891_firmware::::::::* versions up to (excluding) 1.12.0 OR cpe:2.3:h:dell:inspiron_3891:-:::::::*
Added	CPE Configuration		AND OR cpe:2.3:o:dell:inspiron_5310_firmware::::::::* versions up to (excluding) 2.15.0 OR cpe:2.3:h:dell:inspiron_5310:-:::::::*
Added	CPE Configuration		AND OR cpe:2.3:o:dell:inspiron_5405_firmware::::::::* versions up to (excluding) 1.9.0 OR cpe:2.3:h:dell:inspiron_5405:-:::::::*
Added	CPE Configuration		AND OR cpe:2.3:o:dell:inspiron_5410_firmware::::::::* versions up to (excluding) 2.14.0 OR cpe:2.3:h:dell:inspiron_5410:-:::::::*
Added	CPE Configuration		AND OR cpe:2.3:o:dell:inspiron_5415_firmware::::::::* versions up to (excluding) 1.13.0 OR cpe:2.3:h:dell:inspiron_5415:-:::::::*
Added	CPE Configuration		AND OR cpe:2.3:o:dell:inspiron_5425_firmware::::::::* versions up to (excluding) 1.5.0 OR cpe:2.3:h:dell:inspiron_5425:-:::::::*
Added	CPE Configuration		AND OR cpe:2.3:o:dell:inspiron_5485_firmware::::::::* versions up to (excluding) 2.11.0 OR cpe:2.3:h:dell:inspiron_5485:-:::::::*
Added	CPE Configuration		AND OR cpe:2.3:o:dell:inspiron_5485_2-in-1_firmware::::::::* versions up to (excluding) 2.11.0 OR cpe:2.3:h:dell:inspiron_5485_2-in-1:-:::::::*
Added	CPE Configuration		AND OR cpe:2.3:o:dell:inspiron_5505_firmware::::::::* versions up to (excluding) 1.9.0 OR cpe:2.3:h:dell:inspiron_5505:-:::::::*
Added	CPE Configuration		AND OR cpe:2.3:o:dell:inspiron_5510_firmware::::::::* versions up to (excluding) 2.15.2 OR cpe:2.3:h:dell:inspiron_5510:-:::::::*
Added	CPE Configuration		AND OR cpe:2.3:o:dell:inspiron_5515_firmware::::::::* versions up to (excluding) 1.13.0 OR cpe:2.3:h:dell:inspiron_5515:-:::::::*
Added	CPE Configuration		AND OR cpe:2.3:o:dell:inspiron_5585_firmware::::::::* versions up to (excluding) 2.11.0 OR cpe:2.3:h:dell:inspiron_5585:-:::::::*
Added	CPE Configuration		AND OR cpe:2.3:o:dell:inspiron_7405_2-in-1_firmware::::::::* versions up to (excluding) 1.10.1 OR cpe:2.3:h:dell:inspiron_7405_2-in-1:-:::::::*
Added	CPE Configuration		AND OR cpe:2.3:o:dell:inspiron_7415_firmware::::::::* versions up to (excluding) 1.13.0 OR cpe:2.3:h:dell:inspiron_7415:-:::::::*
Added	CPE Configuration		AND OR cpe:2.3:o:dell:inspiron_7425_firmware::::::::* versions up to (excluding) 1.5.0 OR cpe:2.3:h:dell:inspiron_7425:-:::::::*
Added	CPE Configuration		AND OR cpe:2.3:o:dell:inspiron_7510_firmware::::::::* versions up to (excluding) 1.12.0 OR cpe:2.3:h:dell:inspiron_7510:-:::::::*
Added	CPE Configuration		AND OR cpe:2.3:o:dell:inspiron_7610_firmware::::::::* versions up to (excluding) 1.12.0 OR cpe:2.3:h:dell:inspiron_7610:-:::::::*
Added	CPE Configuration		AND OR cpe:2.3:o:dell:latitude_3320_firmware::::::::* versions up to (excluding) 1.18.2 OR cpe:2.3:h:dell:latitude_3320:-:::::::*
Added	CPE Configuration		AND OR cpe:2.3:o:dell:latitude_3420_firmware::::::::* versions up to (excluding) 1.23.2 OR cpe:2.3:h:dell:latitude_3420:-:::::::*
Added	CPE Configuration		AND OR cpe:2.3:o:dell:latitude_3520_firmware::::::::* versions up to (excluding) 1.23.2 OR cpe:2.3:h:dell:latitude_3520:-:::::::*
Added	CPE Configuration		AND OR cpe:2.3:o:dell:latitude_5320_firmware::::::::* versions up to (excluding) 1.24.3 OR cpe:2.3:h:dell:latitude_5320:-:::::::*
Added	CPE Configuration		AND OR cpe:2.3:o:dell:latitude_5420_firmware::::::::* versions up to (excluding) 1.22.0 OR cpe:2.3:h:dell:latitude_5420:-:::::::*
Added	CPE Configuration		AND OR cpe:2.3:o:dell:latitude_5520_firmware::::::::* versions up to (excluding) 1.24.3 OR cpe:2.3:h:dell:latitude_5520:-:::::::*
Added	CPE Configuration		AND OR cpe:2.3:o:dell:latitude_5521_firmware::::::::* versions up to (excluding) 1.17.3 OR cpe:2.3:h:dell:latitude_5521:-:::::::*
Added	CPE Configuration		AND OR cpe:2.3:o:dell:latitude_7320_firmware::::::::* versions up to (excluding) 1.20.0 OR cpe:2.3:h:dell:latitude_7320:-:::::::*
Added	CPE Configuration		AND OR cpe:2.3:o:dell:latitude_7320_detachable_firmware::::::::* versions up to (excluding) 1.17.2 OR cpe:2.3:h:dell:latitude_7320_detachable:-:::::::*
Added	CPE Configuration		AND OR cpe:2.3:o:dell:latitude_7420_firmware::::::::* versions up to (excluding) 1.20.0 OR cpe:2.3:h:dell:latitude_7420:-:::::::*
Added	CPE Configuration		AND OR cpe:2.3:o:dell:latitude_7520_firmware::::::::* versions up to (excluding) 1.20.0 OR cpe:2.3:h:dell:latitude_7520:-:::::::*
Added	CPE Configuration		AND OR cpe:2.3:o:dell:latitude_9420_firmware::::::::* versions up to (excluding) 1.16.2 OR cpe:2.3:h:dell:latitude_9420:-:::::::*
Added	CPE Configuration		AND OR cpe:2.3:o:dell:latitude_9520_firmware::::::::* versions up to (excluding) 1.17.0 OR cpe:2.3:h:dell:latitude_9520:-:::::::*
Added	CPE Configuration		AND OR cpe:2.3:o:dell:latitude_rugged_5430_firmware::::::::* versions up to (excluding) 1.12.0 OR cpe:2.3:h:dell:latitude_rugged_5430:-:::::::*
Added	CPE Configuration		AND OR cpe:2.3:o:dell:latitude_rugged_7330_firmware::::::::* versions up to (excluding) 1.12.0 OR cpe:2.3:h:dell:latitude_rugged_7330:-:::::::*
Added	CPE Configuration		AND OR cpe:2.3:o:dell:latitude_5421_firmware::::::::* versions up to (excluding) 1.15.0 OR cpe:2.3:h:dell:latitude_5421:-:::::::*
Added	CPE Configuration		AND OR cpe:2.3:o:dell:optiplex_5090_firmware::::::::* versions up to (excluding) 1.12.0 OR cpe:2.3:h:dell:optiplex_5090:-:::::::*
Added	CPE Configuration		AND OR cpe:2.3:o:dell:optiplex_5490_all-in-one_firmware::::::::* versions up to (excluding) 1.15.0 OR cpe:2.3:h:dell:optiplex_5490_all-in-one:-:::::::*
Added	CPE Configuration		AND OR cpe:2.3:o:dell:optiplex_7090_tower_firmware::::::::* versions up to (excluding) 1.12.0 OR cpe:2.3:h:dell:optiplex_7090_tower:-:::::::*
Added	CPE Configuration		AND OR cpe:2.3:o:dell:optiplex_7090_ultra_firmware::::::::* versions up to (excluding) 1.15.0 OR cpe:2.3:h:dell:optiplex_7090_ultra:-:::::::*
Added	CPE Configuration		AND OR cpe:2.3:o:dell:optiplex_7090_aio_firmware::::::::* versions up to (excluding) 1.15.0 OR cpe:2.3:h:dell:optiplex_7090_aio:-:::::::*
Added	CPE Configuration		AND OR cpe:2.3:o:dell:precision_3450_firmware::::::::* versions up to (excluding) 1.12.0 OR cpe:2.3:h:dell:precision_3450:-:::::::*
Added	CPE Configuration		AND OR cpe:2.3:o:dell:precision_3560_firmware::::::::* versions up to (excluding) 1.24.3 OR cpe:2.3:h:dell:precision_3560:-:::::::*
Added	CPE Configuration		AND OR cpe:2.3:o:dell:precision_3561_firmware::::::::* versions up to (excluding) 1.17.3 OR cpe:2.3:h:dell:precision_3561:-:::::::*
Added	CPE Configuration		AND OR cpe:2.3:o:dell:precision_3650_tower_firmware::::::::* versions up to (excluding) 1.16.0 OR cpe:2.3:h:dell:precision_3650_tower:-:::::::*
Added	CPE Configuration		AND OR cpe:2.3:o:dell:precision_5560_firmware::::::::* versions up to (excluding) 1.15.2 OR cpe:2.3:h:dell:precision_5560:-:::::::*
Added	CPE Configuration		AND OR cpe:2.3:o:dell:precision_5760_firmware::::::::* versions up to (excluding) 1.15.2 OR cpe:2.3:h:dell:precision_5760:-:::::::*
Added	CPE Configuration		AND OR cpe:2.3:o:dell:precision_7560_firmware::::::::* versions up to (excluding) 1.16.0 OR cpe:2.3:h:dell:precision_7560:-:::::::*
Added	CPE Configuration		AND OR cpe:2.3:o:dell:precision_7760_firmware::::::::* versions up to (excluding) 1.16.0 OR cpe:2.3:h:dell:precision_7760:-:::::::*
Added	CPE Configuration		AND OR cpe:2.3:o:dell:vostro_3405_firmware::::::::* versions up to (excluding) 1.9.0 OR cpe:2.3:h:dell:vostro_3405:-:::::::*
Added	CPE Configuration		AND OR cpe:2.3:o:dell:vostro_3425_firmware::::::::* versions up to (excluding) 1.5.0 OR cpe:2.3:h:dell:vostro_3425:-:::::::*
Added	CPE Configuration		AND OR cpe:2.3:o:dell:vostro_3510_firmware::::::::* versions up to (excluding) 1.18.2 OR cpe:2.3:h:dell:vostro_3510:-:::::::*
Added	CPE Configuration		AND OR cpe:2.3:o:dell:vostro_3515_firmware::::::::* versions up to (excluding) 1.9.0 OR cpe:2.3:h:dell:vostro_3515:-:::::::*
Added	CPE Configuration		AND OR cpe:2.3:o:dell:vostro_3525_firmware::::::::* versions up to (excluding) 1.5.0 OR cpe:2.3:h:dell:vostro_3525:-:::::::*
Added	CPE Configuration		AND OR cpe:2.3:o:dell:vostro_3690_firmware::::::::* versions up to (excluding) 1.12.0 OR cpe:2.3:h:dell:vostro_3690:-:::::::*
Added	CPE Configuration		AND OR cpe:2.3:o:dell:vostro_3890_firmware::::::::* versions up to (excluding) 1.12.0 OR cpe:2.3:h:dell:vostro_3890:-:::::::*
Added	CPE Configuration		AND OR cpe:2.3:o:dell:vostro_5310_firmware::::::::* versions up to (excluding) 2.15.0 OR cpe:2.3:h:dell:vostro_5310:-:::::::*
Added	CPE Configuration		AND OR cpe:2.3:o:dell:vostro_5410_firmware::::::::* versions up to (excluding) 2.15.2 OR cpe:2.3:h:dell:vostro_5410:-:::::::*
Added	CPE Configuration		AND OR cpe:2.3:o:dell:vostro_5415_firmware::::::::* versions up to (excluding) 1.13.0 OR cpe:2.3:h:dell:vostro_5415:-:::::::*
Added	CPE Configuration		AND OR cpe:2.3:o:dell:vostro_5510_firmware::::::::* versions up to (excluding) 2.15.2 OR cpe:2.3:h:dell:vostro_5510:-:::::::*
Added	CPE Configuration		AND OR cpe:2.3:o:dell:vostro_5515_firmware::::::::* versions up to (excluding) 1.13.0 OR cpe:2.3:h:dell:vostro_5515:-:::::::*
Added	CPE Configuration		AND OR cpe:2.3:o:dell:vostro_5625_firmware::::::::* versions up to (excluding) 1.5.0 OR cpe:2.3:h:dell:vostro_5625:-:::::::*
Added	CPE Configuration		AND OR cpe:2.3:o:dell:vostro_5890_firmware::::::::* versions up to (excluding) 1.12.0 OR cpe:2.3:h:dell:vostro_5890:-:::::::*
Added	CPE Configuration		AND OR cpe:2.3:o:dell:vostro_7510_firmware::::::::* versions up to (excluding) 1.12.0 OR cpe:2.3:h:dell:vostro_7510:-:::::::*
Added	CPE Configuration		AND OR cpe:2.3:o:dell:xps_15_9510_firmware::::::::* versions up to (excluding) 1.15.2 OR cpe:2.3:h:dell:xps_15_9510:-:::::::*
Added	CPE Configuration		AND OR cpe:2.3:o:dell:xps_17_9710_firmware::::::::* versions up to (excluding) 1.15.2 OR cpe:2.3:h:dell:xps_17_9710:-:::::::*

EPSS is a daily estimate of the probability of exploitation activity being observed over the next 30 days. Following chart shows the EPSS score history of the vulnerability.

CWE - Common Weakness Enumeration

While CVE identifies specific instances of vulnerabilities, CWE categorizes the common flaws or weaknesses that can lead to vulnerabilities. CVE-2022-34400 is associated with the following CWEs:

CWE-122: Heap-based Buffer Overflow

CWE-787: Out-of-bounds Write

Common Attack Pattern Enumeration and Classification (CAPEC)

Common Attack Pattern Enumeration and Classification (CAPEC) stores attack patterns, which are descriptions of the common attributes and approaches employed by adversaries to exploit the CVE-2022-34400 weaknesses.

CAPEC-92: Forced Integer Overflow Forced Integer Overflow

CVE-2022-34400

Dell BIOS SMM Heapy

Description

INFO

Feb. 1, 2023, 5:15 a.m.

Nov. 7, 2023, 3:48 a.m.

[email protected]

No

5.2

1.8

Affected Products

References to Advisories, Solutions, and Tools

CVE Modified by [email protected]

CVE Modified by [email protected]

Initial Analysis by [email protected]

CWE - Common Weakness Enumeration

Common Attack Pattern Enumeration and Classification (CAPEC)

Exploit Prediction

0.04 }} 0.00%

0.05635

CVSS31 - Vulnerability Scoring System

Theme Customizer

Layout

Vertical

Horizontal

Two Column

Color Scheme

Light

Dark

Layout Width

Fluid

Boxed

Layout Position

Topbar Color

Light

Dark

Sidebar Size

Default

Compact

Small (Icon View)

Small Hover View

Sidebar View

Default

Detached

Sidebar Color

Light

Dark

Gradient

Preloader

Enable

Disable