CVE-2022-31225

low-risk

Published 2022-09-12

Dell BIOS versions contain an Unchecked Return Value vulnerability. A local authenticated administrator user could potentially exploit this vulnerability in order to change the state of the system or cause unexpected failures.

Do I need to act?

0.05% chance of exploitation

EPSS score — low exploit probability

Not on CISA KEV list

No confirmed active exploitation reported to CISA

Patch status unknown

Check vendor advisories for fix availability and mitigation guidance

CVSS 3.0/10 Low

LOCAL / HIGH complexity

Affected Products (20)

Chengming 3900 Firmware

Inspiron 14 Plus 7420 Firmware

Inspiron 16 Plus 7620 Firmware

Inspiron 3910 Firmware

Inspiron 5320 Firmware

Inspiron 5420 Firmware

Inspiron 5620 Firmware

Inspiron 7420 Firmware

Inspiron 7620 Firmware

Optiplex 3000 Firmware

Optiplex 3000 Thin Client Firmware

Optiplex 5000 Firmware

Optiplex 5400 Firmware

Optiplex 7000 Firmware

Optiplex 7000 Oem Firmware

Optiplex 7400 Firmware

Precision 3460 Small Form Factor Firmware

Precision 3660 Tower Firmware

Precision 5770 Firmware

Vostro 3710 Firmware

Affected Vendors

Dell

References (2)

Patch https://www.dell.com/support/kbdoc/000202196

/ 100

low-risk

Severity 8/34 · Low

Exploitability 0/34 · Minimal

Exposure 21/34 · High