CVE-2022-24420 Dell BIOS contains an improper input validation vulnerability

This vulnerability may be exploited by a local user or remote attacker by sending an SMI to the system. To exploit the issue, an attacker must be logged in as an administrator, be able to send messages to the affected system, and have permissions to install SMI packages. End users and remote attackers cannot exploit this issue. To correct this issue, update your system’s BIOS to the latest version. Note: It may take up to 90 days for all systems with an older BIOS to be updated. Dell has provided updated instructions on how to update the BIOS on your system.

Update the BIOS on Dell systems

Dell has provided updated instructions on how to update the BIOS on your system.

Vulnerability Information and Technical Details

This vulnerability allows a local user or remote attacker to send an SMI to the system. To exploit this issue, the attacker must be logged in as an administrator, have permissions to install SMI packages, and be able to send messages to the affected system. This vulnerability can only be exploited by end users and remote attackers cannot exploit it. To correct this issue, update your system’s BIOS to the latest version. Note: It may take up to 90 days for all systems with an older BIOS to be updated. Dell has provided updated instructions on how to update the BIOS on your system.

Read also:

BIOS Updates
The BIOS is the first program that runs when a computer starts. It contains information about the hardware configuration of the system, and it is responsible for receiving instructions from the operating system to start up Windows or other programs. The BIOS is usually updated by an Intel or Dell technician, but it can also be updated by users with sufficient knowledge of computers. Updates will happen automatically, but they may take up to 90 days for all systems with an older BIOS to be updated. To update your BIOS, follow these steps:
- Power off your computer
- Unplug its power cord
- Press and hold the "Delete" key on your keyboard
- Hold down both the "Option" key and the "Esc" key
- Plug in your computer's power cord
- Release all held keys

Timeline

Published on: 03/11/2022 22:15:00 UTC
Last modified on: 03/18/2022 20:22:00 UTC

References