CVE-2022-34408

Vulnerability

An improper SMM (System Management Mode) communication buffer verification vulnerability exists in Dell PowerEdge BIOS and Dell Precision BIOS. This allows a local malicious user with high privileges to exploit the SMM communication buffer handling, potentially leading to arbitrary code execution or denial of service. The vulnerability affects multiple versions of Dell PowerEdge and Precision BIOS [1].

Exploitation

A local user with high privileges (e.g., administrative access to the operating system) can exploit this vulnerability by sending crafted SMI (System Management Interrupt) commands to the SMM. The improper buffer verification in the SMM communication path allows the attacker to manipulate memory or trigger arbitrary code execution within SMM.

Impact

Successful exploitation allows an attacker to execute arbitrary code in SMM, which runs at the highest privilege level (ring -2) in the system. This could lead to full compromise of the system, including persistent firmware-level malware, data exfiltration, or denial of service. The CVSS v3.1 base score is 1.9 (AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:L) [1].

Mitigation

Dell has released advisory DSA-2022-204 recommending users update to the latest BIOS version available for their respective systems. No workaround is provided; updating to the fixed BIOS version is the only mitigation. The fix is included in BIOS versions released after February 2023 [1].