Five dangerous vulnerabilities have been discovered in the Dell BIOS. Their operation allows you to execute code on vulnerable systems. The issues (CVE-2022-24415, CVE-2022-24416, CVE-2022-24419, CVE-2022-24420 and CVE-2022-24421) were rated 8.2 out of 10 on the CVSS scale.
“The active use of all detected vulnerabilities cannot be detected by firmware integrity monitoring systems due to the limitations of the Trusted Platform Module (TPM) measurement. Solutions for remote device health certification will not detect vulnerable systems due to design limitations of the visibility of the firmware runtime environment,” said experts from Binarly, who discovered three vulnerabilities.
All vulnerabilities are related to problems of incorrect verification of input data affecting the System Management Mode (SMM) of the firmware. SMM refers to a special CPU mode in x86 microcontrollers, which is designed to handle system-wide functions such as power management, system equipment monitoring, temperature monitoring, etc. An authorized attacker can use a system management interrupt (SMI) to execute arbitrary code.
Vulnerabilities affect a number of Dell products, including the Alienware, Inspiron, Vostro and Edge Gateway 3000 Series lines. The PC manufacturer recommends that customers update the BIOS as soon as possible.