CVE-2022-26864

Name: CVE-2022-26864
Creator: NVD / NIST
Published: 2022-06-23T18:15:07.943+00:00
License: https://creativecommons.org/publicdomain/zero/1.0/

HIGHCVSS 7.8/10EPSS 0.27%

Last modified Jun 17, 2026

CVE-2022-26864 is a high-severity vulnerability rated 7.8/10 on the CVSS scale. Prior Dell BIOS versions contain an Input Validation vulnerability. A locally authenticated malicious user could potentially exploit this vulnerability by sending malicious input to an SMI in order to bypass security controls in SMM.. EPSS estimates a 0.27% chance of exploitation in the next 30 days.

Description

Prior Dell BIOS versions contain an Input Validation vulnerability. A locally authenticated malicious user could potentially exploit this vulnerability by sending malicious input to an SMI in order to bypass security controls in SMM.

Metrics

CVSS 3.1

7.8/10

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

EPSS Probability

0.27%

17.9th percentile

Probability of exploitation in the next 30 days. Learn more

Weakness Enumeration

Affected Software

Vendor	Product	Versions
Dell	Alienware M15 R5 Firmware	< 1.5.0
Dell	G15 5515 Firmware	< 1.6.0
Dell	G5 Se 5505 Firmware	< 1.11.0
Dell	Inspiron 27 7775 Firmware	< 2.16.1
Dell	Inspiron 14 5425 Firmware	< 1.2.1
Dell	Inspiron 3275 Firmware	< 1.9.0
Dell	Inspiron 3475 Firmware	< 1.9.0
Dell	Inspiron 3180 Firmware	< 1.4.4
Dell	Inspiron 3185 Firmware	< 1.4.4
Dell	Inspiron 3195 Firmware	< 1.4.1
Dell	Inspiron 3505 Firmware	< 1.6.0
Dell	Inspiron 3515 Firmware	< 1.5.0
Dell	Inspiron 3525 Firmware	< 1.3.0
Dell	Inspiron 3585 Firmware	< 1.7.0
Dell	Inspiron 3595 Firmware	< 1.3.0
Dell	Inspiron 3785 Firmware	< 1.7.0
Dell	Inspiron 5405 Firmware	< 1.7.0
Dell	Inspiron 5415 Firmware	< 1.9.0
Dell	Inspiron 5415 All-In-One Firmware	< 1.5.0
Dell	Inspiron 5485 Firmware	< 2.8.0
Dell	Inspiron 5505 Firmware	< 1.7.0
Dell	Inspiron 5515 Firmware	< 1.9.0
Dell	Inspiron 5575 Firmware	< 1.6.0
Dell	Inspiron 5585 Firmware	< 2.8.0
Dell	Inspiron 7375 Firmware	< 1.7.0
Dell	Inspiron 7405 Firmware	< 1.8.0
Dell	Inspiron 7415 Firmware	< 1.9.0
Dell	Inspiron 7425 Firmware	< 1.2.1
Dell	Vostro 3405 Firmware	< 1.6.0
Dell	Vostro 3515 Firmware	< 1.5.0
Dell	Vostro 3525 Firmware	< 1.3.0
Dell	Vostro 5415 Firmware	< 1.9.0
Dell	Vostro 5515 Firmware	< 1.9.0
Dell	Vostro 5625 Firmware	< 1.2.1

References

https://www.dell.com/support/kbdoc/en-us/000200568/dsa-2022-096Vendor Advisory
https://www.dell.com/support/kbdoc/en-us/000200568/dsa-2022-096Vendor Advisory

Timeline

Published: Jun 23, 2022
Last Modified: Jun 17, 2026
Status: Modified

Frequently Asked Questions

What is CVE-2022-26864?

How severe is CVE-2022-26864?

CVE-2022-26864 has a CVSS score of 7.8/10 (HIGH severity). The EPSS model estimates a 0.27% probability of exploitation in the next 30 days.

How do I fix CVE-2022-26864?

Check the vendor references and advisories linked above for patched versions and mitigation guidance. You can also run a Strix scan to test if your systems are affected.

Are you affected by CVE-2022-26864?

Run a free Strix scan to check your systems for this vulnerability.

Scan your code now

Source: NVD / NIST