CVE-2022-24410

Name: CVE-2022-24410
Creator: NVD / NIST
Published: 2023-02-10T11:15:32.857+00:00
License: https://creativecommons.org/publicdomain/zero/1.0/

MEDIUMCVSS 4.2/10EPSS 0.17%

Last modified Jun 17, 2026

CVE-2022-24410 is a medium-severity vulnerability rated 4.2/10 on the CVSS scale. Dell BIOS contains an information exposure vulnerability. An unauthenticated local attacker with physical access to the system and knowledge of the system configuration could potentially exploit this vulnerability to read system information via debug interfaces. . EPSS estimates a 0.17% chance of exploitation in the next 30 days.

Description

Dell BIOS contains an information exposure vulnerability. An unauthenticated local attacker with physical access to the system and knowledge of the system configuration could potentially exploit this vulnerability to read system information via debug interfaces.

Metrics

CVSS 3.1

4.2/10

CVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N

EPSS Probability

0.17%

6.5th percentile

Probability of exploitation in the next 30 days. Learn more

Weakness Enumeration

Affected Software

Vendor	Product	Versions
Dell	Alienware 13 R2 Firmware	< 1.13.1
Dell	Alienware 13 R3 Firmware	< 1.12.2
Dell	Alienware 15 R2 Firmware	< 1.13.1
Dell	Alienware 15 R3 Firmware	< 1.12.2
Dell	Alienware 15 R4 Firmware	< 1.13.2
Dell	Alienware 17 R3 Firmware	< 1.13.1
Dell	Alienware 17 R4 Firmware	< 1.12.2
Dell	Alienware 17 R5 Firmware	< 1.13.2
Dell	Alienware Area 51m R1 Firmware	< 1.15.1
Dell	Alienware Area 51m R2 Firmware	< 1.8.0
Dell	Alienware Aurora R11 Firmware	< 1.0.7
Dell	Alienware Aurora R7 Firmware	< 1.0.24
Dell	Alienware Aurora R8 Firmware	< 1.0.16
Dell	Alienware Aurora R9 Firmware	< 1.0.13
Dell	Alienware M15 R1 Firmware	< 2.8.0
Dell	Alienware M15 R2 Firmware	< 1.8.1
Dell	Alienware M15 R3 Firmware	< 1.9.1
Dell	Alienware M15 R4 Firmware	< 1.5.1
Dell	Alienware M15 R6 Firmware	< 1.5.1
Dell	Alienware M17 R1 Firmware	< 2.8.0
Dell	Alienware M17 R2 Firmware	< 1.8.1
Dell	Alienware M17 R3 Firmware	< 1.9.1
Dell	Alienware M17 R4 Firmware	< 1.5.1
Dell	Chengming 3977 Firmware	< 1.12.0
Dell	Chengming 3980 Firmware	< 2.18.0
Dell	Chengming 3988 Firmware	< 1.6.0
Dell	Chengming 3990 Firmware	< 1.6.0
Dell	Chengming 3991 Firmware	< 1.6.0
Dell	G15 5511 Firmware	< 1.5.0
Dell	G15 5511 Firmware	1.9.0
Dell	G3 15 3590 Firmware	< 1.13.0
Dell	G3 3500 Firmware	< 1.10.1
Dell	G3 3500 Firmware	1.12.0
Dell	G3 3579 Firmware	< 1.16.0
Dell	G3 3779 Firmware	< 1.16.0
Dell	G5 15 5500 Firmware	< 1.10.1
Dell	G5 15 5590 Firmware	< 1.15.3
Dell	G5 5000 Firmware	< 1.2.0
Dell	G5 5090 Firmware	< 1.8.4
Dell	G7 15 7500 Firmware	< 1.10.0
Dell	G7 15 7590 Firmware	< 1.15.3
Dell	G7 17 7700 Firmware	< 1.10.0
Dell	G7 17 7790 Firmware	< 1.15.3
Dell	Latitude 3480 Firmware	< 1.16.1
Dell	Latitude 3580 Firmware	< 1.16.1
Dell	Embedded Box Pc 5000 Firmware	< 1.10.2
Dell	Inspiron 14 5410 2-In-1 Firmware	< 2.1.1
Dell	Inspiron 15 3511 Firmware	< 1.5.1
Dell	Inspiron 3268 Firmware	< 1.16.1
Dell	Inspiron 3277 Firmware	< 1.15.1

Showing 50 of 159 affected configurations. See NVD for the full list.

References

https://www.dell.com/support/kbdoc/en-us/000205719/dsa-2022-325Vendor Advisory
https://www.dell.com/support/kbdoc/en-us/000205719/dsa-2022-325Vendor Advisory

Timeline

Published: Feb 10, 2023
Last Modified: Jun 17, 2026
Status: Modified

Frequently Asked Questions

What is CVE-2022-24410?

How severe is CVE-2022-24410?

CVE-2022-24410 has a CVSS score of 4.2/10 (MEDIUM severity). The EPSS model estimates a 0.17% probability of exploitation in the next 30 days.

How do I fix CVE-2022-24410?

Check the vendor references and advisories linked above for patched versions and mitigation guidance. You can also run a Strix scan to test if your systems are affected.

Are you affected by CVE-2022-24410?

Run a free Strix scan to check your systems for this vulnerability.

Scan your code now

Source: NVD / NIST