Some article numbers may have changed. If this isn't what you're looking for, try searching all articles. Search articles
DSA-2022-221: Dell Networking Security Update for a BIOS Vulnerability
Summary:Dell Networking remediation is available for a BIOS Vulnerability that may be exploited by malicious users to compromise the affected system.
Please select a product to check article relevancy
This article applies to This article does not apply toThis article is not tied to any specific product.Not all product versions are identified in this article.
Dell Edge Gateway 5200 (EGW) versions before 1.03.10 contain an operating system command injection vulnerability. A local malicious user may potentially exploit this vulnerability by using an SMI to bypass PMC mitigation and gain arbitrary code execution during SMM.
8.1
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:L
Proprietary Code CVE
Description
CVSS Base Score
CVSS Vector String
CVE-2022-34383
Dell Edge Gateway 5200 (EGW) versions before 1.03.10 contain an operating system command injection vulnerability. A local malicious user may potentially exploit this vulnerability by using an SMI to bypass PMC mitigation and gain arbitrary code execution during SMM.
8.1
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:L
Dell Technologies recommends all customers consider both the CVSS base score and any relevant temporal and environmental scores that may impact the potential severity associated with a particular security vulnerability.