CVE-2022-34390

Name of the Vulnerable Software and Affected Versions Dell BIOS (affected versions not specified)

Description The issue is related to the use of an uninitialized variable in the BIOS software of Dell laptops. This could potentially allow a malicious user to execute arbitrary code. A local authenticated attacker may exploit this vulnerability to gain arbitrary code execution in SMRAM by using an SMI.

Recommendations For Dell BIOS, consider restricting access to SMI handlers until a patch is available. As a temporary workaround, avoid using potentially vulnerable SMI handlers in Dell BIOS until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.