This vulnerability may be exploited by a local user or remote attacker by sending an SMI to the system. To exploit the issue, an attacker must be logged in as an administrator, be able to send messages to the affected system, and have permissions to install SMI packages. End users and remote attackers cannot exploit this issue. To correct this issue, update your system’s BIOS to the latest version. Note: It may take up to 90 days for all systems with an older BIOS to be updated. Dell has provided updated instructions on how to update the BIOS on your system.
Mitigation Strategies:
Eliminating the Risk
The following mitigation strategies may help mitigate the risk of this vulnerability:
- Increasing network segmentation by configuring more firewalls to enforce user authentication.
- Updating all systems to the latest BIOS versions.
Vulnerability scopes
This update only affects Dell XPS 15 systems with the following BIOS versions:
BIOS version A08
BIOS version A09
BIOS version A10
BIOS version A11
Timeline
Published on: 03/11/2022 22:15:00 UTC
Last modified on: 03/18/2022 20:42:00 UTC