CVE-2022-46752
MEDIUMCVSS 4.6/10EPSS 0.29%
Last modified
CVE-2022-46752 is a medium-severity vulnerability rated 4.6/10 on the CVSS scale. Dell BIOS contains an Improper Authorization vulnerability. An unauthenticated physical attacker may potentially exploit this vulnerability, leading to denial of service. . EPSS estimates a 0.29% chance of exploitation in the next 30 days.
Description
Dell BIOS contains an Improper Authorization vulnerability. An unauthenticated physical attacker may potentially exploit this vulnerability, leading to denial of service.
Metrics
CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Weakness Enumeration
Affected Software
| Vendor | Product | Versions |
|---|---|---|
| Dell | Inspiron 14 Plus 7420 Firmware | < 1.8.0 |
| Dell | Inspiron 14 Plus 7620 Firmware | < 1.8.0 |
| Dell | Inspiron 3511 Firmware | < 1.19.0 |
| Dell | Inspiron 3520 Firmware | < 1.9.0 |
| Dell | Inspiron 5310 Firmware | < 2.17.0 |
| Dell | Inspiron 5320 Firmware | < 1.7.0 |
| Dell | Inspiron 5410 Firmware | < 2.16.0 |
| Dell | Inspiron 5420 Firmware | < 1.10.0 |
| Dell | Inspiron 5510 Firmware | < 2.16.0 |
| Dell | Inspiron 5620 Firmware | < 1.10.0 |
| Dell | Inspiron 7420 Firmware | < 1.8.0 |
| Dell | Inspiron 7510 Firmware | < 1.14.0 |
| Dell | Inspiron 7610 Firmware | < 1.14.0 |
| Dell | Inspiron 7620 Firmware | < 1.8.0 |
| Dell | Latitude 3140 Firmware | < 1.2.0 |
| Dell | Latitude 3320 Firmware | < 1.19.0 |
| Dell | Latitude 3330 Firmware | < 1.10.0 |
| Dell | Latitude 3420 Firmware | < 1.25.1 |
| Dell | Latitude 3430 Firmware | < 1.7.0 |
| Dell | Latitude 3520 Firmware | < 1.25.1 |
| Dell | Latitude 3530 Firmware | < 1.7.0 |
| Dell | Latitude 5330 Firmware | < 1.8.0 |
| Dell | Latitude 5420 Firmware | < 1.24.0 |
| Dell | Latitude 5430 Firmware | < 1.8.3 |
| Dell | Latitude 5430 Rugged Firmware | < 1.14.0 |
| Dell | Latitude 5431 Firmware | < 1.8.1 |
| Dell | Latitude 5520 Firmware | < 1.25.1 |
| Dell | Latitude 5521 Firmware | < 1.18.0 |
| Dell | Latitude 5530 Firmware | < 1.8.2 |
| Dell | Latitude 5531 Firmware | < 1.9.0 |
| Dell | Latitude 7320 Firmware | < 1.22.0 |
| Dell | Latitude 7320 Detachable Firmware | < 1.18.0 |
| Dell | Latitude 7330 Firmware | < 1.10.0 |
| Dell | Latitude 7420 Firmware | < 1.22.0 |
| Dell | Latitude 7430 Firmware | < 1.10.0 |
| Dell | Latitude 7520 Firmware | < 1.22.0 |
| Dell | Latitude 7530 Firmware | < 1.10.0 |
| Dell | Latitude 9330 Firmware | < 1.8.0 |
| Dell | Latitude 9420 Firmware | < 1.17.0 |
| Dell | Latitude 9430 Firmware | < 1.9.1 |
| Dell | Latitude 9510 Firmware | < 1.17.1 |
| Dell | Latitude 9520 Firmware | < 1.18.1 |
| Dell | Latitude Rugged 7330 Firmware | < 1.14.0 |
| Dell | Latitude 5421 Firmware | < 1.17.0 |
| Dell | Precision 3470 Firmware | < 1.8.1 |
| Dell | Precision 3560 Firmware | < 1.25.1 |
| Dell | Precision 3561 Firmware | < 1.18.0 |
| Dell | Precision 3570 Firmware | < 1.8.2 |
| Dell | Precision 3571 Firmware | < 1.9.0 |
| Dell | Precision 5470 Firmware | < 1.9.1 |
Showing 50 of 75 affected configurations. See NVD for the full list.
References
Timeline
- Published
- Last Modified
- Status
- Modified
Frequently Asked Questions
What is CVE-2022-46752?
Dell BIOS contains an Improper Authorization vulnerability. An unauthenticated physical attacker may potentially exploit this vulnerability, leading to denial of service.
How severe is CVE-2022-46752?
CVE-2022-46752 has a CVSS score of 4.6/10 (MEDIUM severity). The EPSS model estimates a 0.29% probability of exploitation in the next 30 days.
How do I fix CVE-2022-46752?
Check the vendor references and advisories linked above for patched versions and mitigation guidance. You can also run a Strix scan to test if your systems are affected.
Are you affected by CVE-2022-46752?
Run a free Strix scan to check your systems for this vulnerability.
Scan your code nowSource: NVD / NIST