Pre-Boot DMA Vulnerability in Dell Client Platforms: Exploiting Physical Access for Arbitrary Code Execution

Pre-Boot DMA Vulnerability in Dell Client Platforms: Exploiting Physical Access for Arbitrary Code Execution

CVE-2022-22566 · HIGH Severity

CVSS:3.1/AV:P/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H

Select Dell Client Commercial and Consumer platforms contain a pre-boot direct memory access (DMA) vulnerability. An authenticated attacker with physical access to the system may potentially exploit this vulnerability in order to execute arbitrary code on the device.

Learn more about our Physical Security Assessment.