Vulnerability Details CVE-2022-30426
There is a stack buffer overflow vulnerability, which could lead to arbitrary code execution in UEFI DXE driver on some Acer products. An attack could exploit this vulnerability to escalate privilege from ring 3 to ring 0, and hijack control flow during UEFI DXE execution. This affects Altos T110 F3 firmware version <= P13 (latest) and AP130 F2 firmware version <= P04 (latest) and Aspire 1600X firmware version <= P11.A3L (latest) and Aspire 1602M firmware version <= P11.A3L (latest) and Aspire 7600U firmware version <= P11.A4 (latest) and Aspire MC605 firmware version <= P11.A4L (latest) and Aspire TC-105 firmware version <= P12.B0L (latest) and Aspire TC-120 firmware version <= P11-A4 (latest) and Aspire U5-620 firmware version <= P11.A1 (latest) and Aspire X1935 firmware version <= P11.A3L (latest) and Aspire X3475 firmware version <= P11.A3L (latest) and Aspire X3995 firmware version <= P11.A3L (latest) and Aspire XC100 firmware version <= P11.B3 (latest) and Aspire XC600 firmware version <= P11.A4 (latest) and Aspire Z3-615 firmware version <= P11.A2L (latest) and Veriton E430G firmware version <= P21.A1 (latest) and Veriton B630_49 firmware version <= AAP02SR (latest) and Veriton E430 firmware version <= P11.A4 (latest) and Veriton M2110G firmware version <= P21.A3 (latest) and Veriton M2120G fir.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 15.8%
CVSS Severity
CVSS v3 Score 7.8
References
Products affected by CVE-2022-30426
-
cpe:2.3:h:acer:altos_t110_f3:-
-
cpe:2.3:h:acer:ap130_f2:-
-
cpe:2.3:h:acer:aspire_1600x:-
-
cpe:2.3:h:acer:aspire_1602m:-
-
cpe:2.3:h:acer:aspire_7600u:-
-
cpe:2.3:h:acer:aspire_mc605:-
-
cpe:2.3:h:acer:aspire_tc-105:-
-
cpe:2.3:h:acer:aspire_tc-120:-
-
cpe:2.3:h:acer:aspire_u5-620:-
-
cpe:2.3:h:acer:aspire_x1935:-
-
cpe:2.3:h:acer:aspire_x3475:-
-
cpe:2.3:h:acer:aspire_x3995:-
-
cpe:2.3:h:acer:aspire_xc100:-
-
cpe:2.3:h:acer:aspire_xc600:-
-
cpe:2.3:h:acer:aspire_z3-615:-
-
cpe:2.3:h:acer:veriton_b630_49:-
-
cpe:2.3:h:acer:veriton_e430:-
-
cpe:2.3:h:acer:veriton_e430g:-
-
cpe:2.3:h:acer:veriton_m2110g:-
-
cpe:2.3:h:acer:veriton_m2120g:-
-
cpe:2.3:h:acer:veriton_m2611:-
-
cpe:2.3:h:acer:veriton_m2611g:-
-
cpe:2.3:h:acer:veriton_m4620:-
-
cpe:2.3:h:acer:veriton_m4620g:-
-
cpe:2.3:h:acer:veriton_m6620g:-
-
cpe:2.3:h:acer:veriton_n2620g:-
-
cpe:2.3:h:acer:veriton_n4620g:-
-
cpe:2.3:h:acer:veriton_n4630g:-
-
cpe:2.3:h:acer:veriton_s6620g:-
-
cpe:2.3:h:acer:veriton_x2611:-
-
cpe:2.3:h:acer:veriton_x2611g:-
-
cpe:2.3:h:acer:veriton_x4620g:-
-
cpe:2.3:h:acer:veriton_x6620g:-
-
cpe:2.3:h:acer:veriton_z2650g:-
-
cpe:2.3:o:acer:altos_t110_f3_firmware:-
-
cpe:2.3:o:acer:ap130_f2_firmware:-
-
cpe:2.3:o:acer:aspire_1600x_firmware:-
-
cpe:2.3:o:acer:aspire_1602m_firmware:-
-
cpe:2.3:o:acer:aspire_7600u_firmware:-
-
cpe:2.3:o:acer:aspire_mc605_firmware:-
-
cpe:2.3:o:acer:aspire_tc-105_firmware:-
-
cpe:2.3:o:acer:aspire_tc-120_firmware:-
-
cpe:2.3:o:acer:aspire_u5-620_firmware:-
-
cpe:2.3:o:acer:aspire_x1935_firmware:-
-
cpe:2.3:o:acer:aspire_x3475_firmware:-
-
cpe:2.3:o:acer:aspire_x3995_firmware:-
-
cpe:2.3:o:acer:aspire_xc100_firmware:-
-
cpe:2.3:o:acer:aspire_xc600_firmware:-
-
cpe:2.3:o:acer:aspire_z3-615_firmware:-
-
cpe:2.3:o:acer:veriton_b630_49_firmware:-
-
cpe:2.3:o:acer:veriton_e430_firmware:-
-
cpe:2.3:o:acer:veriton_e430g_firmware:-
-
cpe:2.3:o:acer:veriton_m2110g_firmware:-
-
cpe:2.3:o:acer:veriton_m2120g_firmware:-
-
cpe:2.3:o:acer:veriton_m2611_firmware:-
-
cpe:2.3:o:acer:veriton_m2611g_firmware:-
-
cpe:2.3:o:acer:veriton_m4620_firmware:-
-
cpe:2.3:o:acer:veriton_m4620g_firmware:-
-
cpe:2.3:o:acer:veriton_m6620g_firmware:-
-
cpe:2.3:o:acer:veriton_n2620g_firmware:-
-
cpe:2.3:o:acer:veriton_n4620g_firmware:-
-
cpe:2.3:o:acer:veriton_n4630g_firmware:-
-
cpe:2.3:o:acer:veriton_s6620g_firmware:-
-
cpe:2.3:o:acer:veriton_x2611_firmware:-
-
cpe:2.3:o:acer:veriton_x2611g_firmware:-
-
cpe:2.3:o:acer:veriton_x4620g_firmware:-
-
cpe:2.3:o:acer:veriton_x6620g_firmware:-
-
cpe:2.3:o:acer:veriton_z2650g_firmware:-