CVE-2022-34407
Description
Dell PowerEdge BIOS and Dell Precision BIOS contain an Improper SMM communication buffer verification vulnerability. A local malicious user with high privileges may potentially exploit this vulnerability to perform arbitrary code execution or cause denial of service.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Improper SMM communication buffer verification in Dell PowerEdge and Precision BIOS allows a local, high-privileged attacker to execute arbitrary code or cause a denial of service.
Vulnerability
Dell PowerEdge BIOS and Dell Precision BIOS contain an Improper SMM communication buffer verification vulnerability (CVE-2022-34407). This flaw resides in the System Management Mode (SMM) communication buffer handling. A local attacker with high privileges can trigger the vulnerability by manipulating SMM communication buffers. Affected versions include various Dell PowerEdge and Precision models; refer to Dell advisory DSA-2022-204 for the complete list [1].
Exploitation
Exploitation requires local access and high privileges (e.g., administrator or kernel-level access). The attacker must be able to send crafted SMM communication requests to the BIOS. The vulnerability is triggered when the BIOS fails to properly verify the buffer during SMM communication, allowing the attacker to corrupt SMM memory. The attack complexity is high, as it requires precise timing and knowledge of the SMM interface [1].
Impact
Successful exploitation can lead to arbitrary code execution within System Management Mode (SMM), which runs at the highest privilege level (ring -2). This can result in full compromise of the system, including bypassing OS-level security controls, or cause a denial of service by crashing the system. The CVSS vector for a similar vulnerability (CVE-2022-34406) indicates a base score of 7.5 with impacts to confidentiality, integrity, and availability [1].
Mitigation
Dell has released BIOS updates to address this vulnerability. Users should update their system BIOS to the latest version provided by Dell for their specific model. The advisory DSA-2022-204 contains the fixed BIOS versions and affected model list [1]. No workarounds are available; applying the patch is the recommended mitigation.
AI Insight generated on May 25, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected products
Range: 14G, 15G
Patches
No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
News mentions
No linked articles in our index yet.