Bbabo NET

Vulnerabilities found in the BIOS of millions of Dell computers could allow arbitrary code execution

Five new vulnerabilities have been found in the BIOS of Dell's Inspiron, Vostro, XPS, and Alienware series computers that could allow arbitrary code execution.

The vulnerabilities were assigned the identifiers CVE-2022-24415, CVE-2022-24416, CVE-2022-24419, CVE-2022-24420 and CVE-2022-24421. They were rated 8.2 out of a possible 10 on the CVSS scale.

The vulnerabilities stem from incorrect validation of input data and affect the firmware's System Management Mode (SMM), which allows an authorized attacker to trigger an interrupt and execute arbitrary code.

SMM is designed to handle system-wide functions such as power and hardware management, thermal monitoring, and so on. When one of these functions is invoked, a non-maskable System Management Interrupt (SMI) fires and executes the SMM code installed by the BIOS. Because SMM code runs at the highest privilege level, a flaw in it allows malicious code to be introduced at that level.

The vulnerabilities were discovered by researchers at Binarly. According to them, remote device health attestation solutions are unable to identify vulnerable systems because of design limitations in their visibility into the firmware runtime.

In less than a year, Binarly has identified 42 high-severity vulnerabilities in the UEFI firmware ecosystem.

Dell recommends that users update the BIOS on their devices.
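A fleet triage helper, added here as an example and not part of the original article or of Dell's own tooling: it reads DMI fields (on Linux, from /sys/class/dmi/id), flags hosts in the Inspiron, Vostro, XPS and Alienware families named above, and compares the BIOS version against a per-model table of fixed versions. The model and version in that table are constructed placeholders; populate it from Dell's advisory for your fleet.

```python
"""Flag Dell hosts from the affected product families whose BIOS is older
than a known-fixed version, using DMI data. Added example; FIXED_BIOS below
is a PLACEHOLDER table, not taken from Dell's advisory."""
import re
from pathlib import Path

AFFECTED_FAMILIES = ("Inspiron", "Vostro", "XPS", "Alienware")

# Placeholder: minimum BIOS version considered patched, per model string.
# The entry below is constructed; fill this from Dell's advisory.
FIXED_BIOS = {
    "XPS 13 9310": "9.9.9",  # placeholder value
}


def parse_version(v: str) -> tuple:
    """'1.14.0 (A02)' -> (1, 14, 0); pads to three components so '2.3'
    compares as (2, 3, 0)."""
    nums = [int(n) for n in re.findall(r"\d+", v)[:3]]
    return tuple(nums + [0] * (3 - len(nums)))


def read_dmi(root: str = "/sys/class/dmi/id") -> dict:
    """Read vendor/model/BIOS fields; a missing file yields ''."""
    out = {}
    for key in ("sys_vendor", "product_name", "bios_version", "bios_date"):
        p = Path(root) / key
        out[key] = p.read_text().strip() if p.exists() else ""
    return out


def triage(dmi: dict, fixed: dict = FIXED_BIOS) -> str:
    """Return one of: 'not-dell', 'not-affected-family', 'unknown-model',
    'needs-update', 'patched'."""
    if "dell" not in dmi.get("sys_vendor", "").lower():
        return "not-dell"
    model = dmi.get("product_name", "")
    if not any(fam.lower() in model.lower() for fam in AFFECTED_FAMILIES):
        return "not-affected-family"
    if model not in fixed:
        return "unknown-model"  # in scope, but no fixed version on file yet
    have = parse_version(dmi.get("bios_version", ""))
    need = parse_version(fixed[model])
    return "patched" if have >= need else "needs-update"


if __name__ == "__main__":
    print(triage(read_dmi()))
```

Run it with a configuration-management tool against each endpoint and collect the 'needs-update' and 'unknown-model' results for follow-up.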

Since the end of February, many foreign companies have ceased operations in, or temporarily left, the Russian Federation, including AMD, Cisco, Dell, HP (HPE), Ericsson, IBM, Intel, Juniper, Microsoft, Mikrotik, NVIDIA, Nokia, Samsung, Siemens, Sony, TSMC, LG Electronics and others.