CVE-2022-32482

high-risk

Published 2023-02-01

Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user with admin privileges may potentially exploit this vulnerability in order to modify a UEFI variable.

Do I need to act?

0.05% chance of exploitation

EPSS score — low exploit probability

Not on CISA KEV list

No confirmed active exploitation reported to CISA

Patch status unknown

Check vendor advisories for fix availability and mitigation guidance

CVSS 5.6/10 Medium

LOCAL / LOW complexity

Affected Products (20)

Inspiron 5408 Firmware

Inspiron 5409 Firmware

Inspiron 5410 All-In-One Firmware

Inspiron 5420 Firmware

Inspiron 5490 Firmware

Inspiron 5491 2-In-1 Firmware

Inspiron 5493 Firmware

Inspiron 5494 Firmware

Inspiron 5498 Firmware

Inspiron 5501 Firmware

Inspiron 5502 Firmware

Inspiron 5508 Firmware

Inspiron 5509 Firmware

Inspiron 5510 Firmware

Inspiron 5583 Firmware

Inspiron 5584 Firmware

Inspiron 5590 Firmware

Inspiron 5591 2-In-1 Firmware

Inspiron 5593 Firmware

Inspiron 5594 Firmware

Affected Vendors

Dell

References (2)

Vendor Advisory https://www.dell.com/support/kbdoc/en-us/000205717/dsa-2022-326

/ 100

high-risk

Severity 19/34 · Moderate

Exploitability 0/34 · Minimal

Exposure 33/34 · Critical