CVE-2022-22567

CVSS 4.7 MEDIUMEPSS 0.1%CWE-345

Select Dell Client Commercial and Consumer platforms are vulnerable to an insufficient verification of data authenticity vulnerability. An authenticated malicious user may exploit this vulnerability in order to install modified BIOS firmware.

CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:H/A:L

Affected products

Dell · CPG BIOS

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

https://www.dell.com/support/kbdoc/en-us/000195905/dsa-2022-028