CVE-2022-31224

low-risk

Published 2022-09-12

Dell BIOS versions contain an Improper Protection Against Voltage and Clock Glitches vulnerability. An attacker with physical access to the system could potentially exploit this vulnerability by triggering a fault condition in order to change the behavior of the system.

Do I need to act?

0.07% chance of exploitation

EPSS score — low exploit probability

Not on CISA KEV list

No confirmed active exploitation reported to CISA

Patch status unknown

Check vendor advisories for fix availability and mitigation guidance

CVSS 2.0/10 Low

PHYSICAL / HIGH complexity

Affected Products (20)

Chengming 3900 Firmware

Inspiron 14 Plus 7420 Firmware

Inspiron 16 Plus 7620 Firmware

Inspiron 3910 Firmware

Inspiron 5320 Firmware

Inspiron 5420 Firmware

Inspiron 5620 Firmware

Inspiron 7420 Firmware

Inspiron 7620 Firmware

Optiplex 3000 Firmware

Optiplex 3000 Thin Client Firmware

Optiplex 5000 Firmware

Optiplex 5400 Firmware

Optiplex 7000 Firmware

Optiplex 7000 Oem Firmware

Optiplex 7400 Firmware

Precision 3460 Small Form Factor Firmware

Precision 3660 Tower Firmware

Precision 5770 Firmware

Vostro 3710 Firmware

Affected Vendors

Dell

References (2)

Patch https://www.dell.com/support/kbdoc/000202196

/ 100

low-risk

Severity 5/34 · Minimal

Exploitability 0/34 · Minimal

Exposure 21/34 · High