CVE-2022-22566 Information

Description

Select Dell Client Commercial and Consumer platforms contain a pre-boot direct memory access (DMA) vulnerability. An authenticated attacker with physical access to the system may potentially exploit this vulnerability in order to execute arbitrary code on the device.

CVSS Vector

CVSS:3.1/AV:P/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H

Reference

https://www.dell.com/support/kbdoc/en-us/000195905/dsa-2022-028

Attack Complexity

LOW

Privileges Required

HIGH

User Interaction Required

HIGH

Scope

NONE

Confidentiality Impact

CHANGED

Integrity Impact

HIGH

Availability Impact

HIGH

Base Score

HIGH

Base Severity

7.2