CVE-2022-22566
Severity CVSS v4.0:
Pending analysis
Type:
Unavailable / Other
Publication date:
09/02/2022
Last modified:
16/02/2022
Description
Select Dell Client Commercial and Consumer platforms contain a pre-boot direct memory access (DMA) vulnerability. An authenticated attacker with physical access to the system may potentially exploit this vulnerability in order to execute arbitrary code on the device.
Impact
Base Score 3.x
7.20
Severity 3.x
HIGH
Base Score 2.0
7.20
Severity 2.0
HIGH
Vulnerable products and versions
CPE | From | Up to |
---|---|---|
cpe:2.3:o:dell:alienware_area_51m_r1_firmware:*:*:*:*:*:*:*:* | 1.16.0 (excluding) | |
cpe:2.3:h:dell:alienware_area_51m_r1:-:*:*:*:*:*:*:* | ||
cpe:2.3:o:dell:alienware_area_51m_r2_firmware:*:*:*:*:*:*:*:* | 1.11.0 (excluding) | |
cpe:2.3:h:dell:alienware_area_51m_r2:-:*:*:*:*:*:*:* | ||
cpe:2.3:o:dell:alienware_m15_r3_firmware:*:*:*:*:*:*:*:* | 1.12.0 (excluding) | |
cpe:2.3:h:dell:alienware_m15_r3:-:*:*:*:*:*:*:* | ||
cpe:2.3:o:dell:alienware_m15_r4_firmware:*:*:*:*:*:*:*:* | 1.6.2 (excluding) | |
cpe:2.3:h:dell:alienware_m15_r4:-:*:*:*:*:*:*:* | ||
cpe:2.3:o:dell:alienware_m15_r6_firmware:*:*:*:*:*:*:*:* | 1.6.0 (excluding) | |
cpe:2.3:o:dell:alienware_m15_r6_firmware:*:*:*:*:*:*:*:* | 1.6.0 (excluding) | 1.8.0 (excluding) |
cpe:2.3:h:dell:alienware_m15_r6:-:*:*:*:*:*:*:* | ||
cpe:2.3:o:dell:alienware_m17_r3_firmware:*:*:*:*:*:*:*:* | 1.12.0 (excluding) | |
cpe:2.3:h:dell:alienware_m17_r3:-:*:*:*:*:*:*:* | ||
cpe:2.3:o:dell:alienware_m17_r4_firmware:*:*:*:*:*:*:*:* | 1.6.2 (excluding) | |
cpe:2.3:h:dell:alienware_m17_r4:-:*:*:*:*:*:*:* |
To consult the complete list of CPE names with products and versions, see this page