Security researchers reported several new vulnerabilities in Dell BIOS that could let a local, authenticated attacker execute arbitrary code in System Management Mode (SMM), the most privileged execution mode on x86 platforms. The five high-severity flaws are tracked as CVE-2022-24415, CVE-2022-24416, CVE-2022-24419, CVE-2022-24420, and CVE-2022-24421, and carry a CVSS base score of 8.2 out of 10.
Dell BIOS Vulnerabilities (CVE-2022-24415)
According to Dell's advisory, these are the vulnerabilities and their descriptions:
CVE-2022-24415: Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user may potentially exploit this vulnerability by using an SMI to gain arbitrary code execution during SMM.
CVE-2022-24416: Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user may potentially exploit this vulnerability by using an SMI to gain arbitrary code execution during SMM.
CVE-2022-24419: Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user may potentially exploit this vulnerability by using an SMI to gain arbitrary code execution during SMM.
CVE-2022-24420: Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user may potentially exploit this vulnerability by using an SMI to gain arbitrary code execution during SMM.
CVE-2022-24421: Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user may potentially exploit this vulnerability by using an SMI to gain arbitrary code execution during SMM.
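All five entries describe the same bug class: an SMI handler that consumes attacker-controlled input (typically a pointer and a length placed in the SMM communication buffer by ring 0 code) without checking it, so the caller can make SMM code read or write inside SMRAM. The following is an added illustration of that pattern in user-space C, not code from Dell's firmware or from Binarly; the SMRAM window, the request layout, and the "secret" it protects are all constructed for the example, and it does not reproduce any specific Dell handler. It shows a handler that trusts the destination pointer beside one that rejects any range overlapping SMRAM (or wrapping around the address space), which is what EDK2's SmmIsBufferOutsideSmmValid does on real hardware:

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Simulated SMRAM. On real hardware this is the TSEG region that only code
 * running in SMM may touch; here it is an ordinary array so the program
 * runs in user space. (Constructed for this example.) */
#define SMRAM_SIZE 4096
static uint8_t g_smram[SMRAM_SIZE];

/* Offset of a privileged value inside SMRAM (stands in for an SMM function
 * pointer or other state whose corruption yields code execution in SMM). */
#define SMRAM_SECRET_OFF 256

/* Request an OS-level caller places in the shared communication buffer
 * before triggering the SMI. Both fields are attacker-controlled. */
typedef struct {
    uint8_t *dst;  /* where the handler should write its reply */
    uint32_t len;  /* how many bytes to write */
} smi_request_t;

static const uint8_t g_reply[] = "OK";

/* True if [start, start+len) touches SMRAM or the range wraps around the
 * address space. This is the check the vulnerable handler is missing. */
bool overlaps_smram(uintptr_t start, uint32_t len) {
    if (len == 0) return false;
    if ((uintptr_t)len > UINTPTR_MAX - start) return true;  /* wraparound */
    uintptr_t end = start + len;
    uintptr_t s_lo = (uintptr_t)g_smram;
    uintptr_t s_hi = s_lo + SMRAM_SIZE;
    return start < s_hi && end > s_lo;
}

/* Vulnerable pattern: the handler trusts dst and len from the comm buffer.
 * A caller who points dst into SMRAM gets an arbitrary write in SMM. */
int smi_handler_vulnerable(smi_request_t *req) {
    memcpy(req->dst, g_reply, req->len);
    return 0;
}

/* Hardened pattern: bound the length and refuse any destination that
 * overlaps SMRAM before touching memory. */
int smi_handler_hardened(smi_request_t *req) {
    if (req->len > sizeof g_reply) return -1;
    if (overlaps_smram((uintptr_t)req->dst, req->len)) return -1;
    memcpy(req->dst, g_reply, req->len);
    return 0;
}

/* Drive one handler with a malicious request aimed at the SMRAM secret.
 * Returns 1 if the secret was overwritten, 0 if it survived. */
int attack_clobbers_secret(int (*handler)(smi_request_t *)) {
    memset(g_smram, 0, sizeof g_smram);
    g_smram[SMRAM_SECRET_OFF] = 0xAA;
    g_smram[SMRAM_SECRET_OFF + 1] = 0xBB;
    smi_request_t req = { .dst = &g_smram[SMRAM_SECRET_OFF], .len = 2 };
    (void)handler(&req);
    return g_smram[SMRAM_SECRET_OFF] != 0xAA ||
           g_smram[SMRAM_SECRET_OFF + 1] != 0xBB;
}

/* Drive one handler with a legitimate request into caller-owned memory.
 * Returns 1 if the reply arrived intact, i.e. the fix keeps the intended
 * use working. */
int legit_request_ok(int (*handler)(smi_request_t *)) {
    uint8_t out[4] = {0};
    smi_request_t req = { .dst = out, .len = 2 };
    return handler(&req) == 0 && out[0] == 'O' && out[1] == 'K';
}

int main(void) {
    printf("vulnerable handler: secret clobbered = %d\n",
           attack_clobbers_secret(smi_handler_vulnerable));
    printf("hardened handler:   secret clobbered = %d\n",
           attack_clobbers_secret(smi_handler_hardened));
    printf("hardened handler:   legit request ok = %d\n",
           legit_request_ok(smi_handler_hardened));
    return 0;
}
```

Two caveats a firmware reviewer would add: a real handler must copy the request out of the shared buffer into SMRAM before validating it, otherwise another core can change dst or len between the check and the memcpy; and the range check must cover every pointer the handler dereferences, including ones nested inside structures the caller supplies, not only the top-level buffer.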
The impact of the security weaknesses is considered high, with affected Dell products including the Alienware, Inspiron and Vostro line-ups and the Edge Gateway 3000 Series. Dell recommends that customers upgrade their BIOS as soon as possible to avoid exploitation.
The vulnerabilities were discovered by Binarly researchers, who say that “the ongoing discovery of these vulnerabilities demonstrates what we describe as ‘repeatable failures’ around the lack of input sanitation or, in general, insecure coding practices.”
Dell credits JiaWei Yin (yngweijw) with reporting CVE-2022-24415 and CVE-2022-24416, and the Binarly efiXplorer Team with reporting CVE-2022-24419, CVE-2022-24420, and CVE-2022-24421.
It is noteworthy that last year multiple severe flaws were reported in the BIOSConnect feature of Dell Client BIOS, a component of SupportAssist that lets users perform remote recovery of the operating system or update the device's firmware.