Five new security weaknesses have been disclosed in Dell BIOS that, if successfully exploited, could lead to code execution on vulnerable systems.
Tracked as CVE-2022-24415, CVE-2022-24416, CVE-2022-24419, CVE-2022-24420, and CVE-2022-24421, the high-severity vulnerabilities are rated 8.2 out of 10 on the CVSS scoring system.
All the flaws relate to improper input validation vulnerabilities affecting the System Management Mode (SMM) of the firmware, effectively allowing a local authenticated attacker to leverage the system management interrupt (SMI) to achieve arbitrary code execution.
System Management Mode refers to a special-purpose CPU mode in x86 microcontrollers that's designed for handling system-wide functions like power management, system hardware control, thermal monitoring, and other proprietary manufacturer-developed code.
Whenever one of these operations is requested, a non-maskable interrupt (SMI) is invoked at runtime, which executes SMM code installed by the BIOS. Given that SMM code executes at the highest privilege level and is invisible to the underlying operating system, the method makes it ripe for abuse to deploy persistent firmware implants.
A number of Dell products, including Alienware, Inspiron, Vostro line-ups, and Edge Gateway 3000 Series, are impacted, with the Texas-headquartered PC manufacturer recommending customers to upgrade their BIOS at the earliest opportunity.
The information contained in this website is for general information purposes only. The information is gathered from TheHackernews, while we endeavour to keep the information up to date and correct, we make no representations or warranties of any kind, express or implied, about the completeness, accuracy, reliability, suitability or availability with respect to the website or the information, products, services, or related graphics contained on the website for any purpose. Any reliance you place on such information is therefore strictly at your own risk. Through this website, you are able to link to other websites which are not under the control of CSIRT-CY. We have no control over the nature, content and availability of those sites. The inclusion of any links does not necessarily imply a recommendation or endorse the views expressed within them. Every effort is made to keep the website up and running smoothly. However, CSIRT-CY takes no responsibility for, and will not be liable for, the website being temporarily unavailable due to technical issues beyond our control.