FKIE_CVE-2022-30426
Vulnerability from fkie_nvd - Published: 2022-09-23 00:15 - Updated: 2025-05-27 16:15
Severity
7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Summary
There is a stack buffer overflow vulnerability, which could lead to arbitrary code execution in UEFI DXE driver on some Acer products. An attack could exploit this vulnerability to escalate privilege from ring 3 to ring 0, and hijack control flow during UEFI DXE execution. This affects Altos T110 F3 firmware version <= P13 (latest) and AP130 F2 firmware version <= P04 (latest) and Aspire 1600X firmware version <= P11.A3L (latest) and Aspire 1602M firmware version <= P11.A3L (latest) and Aspire 7600U firmware version <= P11.A4 (latest) and Aspire MC605 firmware version <= P11.A4L (latest) and Aspire TC-105 firmware version <= P12.B0L (latest) and Aspire TC-120 firmware version <= P11-A4 (latest) and Aspire U5-620 firmware version <= P11.A1 (latest) and Aspire X1935 firmware version <= P11.A3L (latest) and Aspire X3475 firmware version <= P11.A3L (latest) and Aspire X3995 firmware version <= P11.A3L (latest) and Aspire XC100 firmware version <= P11.B3 (latest) and Aspire XC600 firmware version <= P11.A4 (latest) and Aspire Z3-615 firmware version <= P11.A2L (latest) and Veriton E430G firmware version <= P21.A1 (latest) and Veriton B630_49 firmware version <= AAP02SR (latest) and Veriton E430 firmware version <= P11.A4 (latest) and Veriton M2110G firmware version <= P21.A3 (latest) and Veriton M2120G fir.
References
| URL | Tags | ||
|---|---|---|---|
| cve@mitre.org | http://acer.com | Vendor Advisory | |
| cve@mitre.org | http://altos.com | Broken Link | |
| cve@mitre.org | https://github.com/10TG/vulnerabilities/blob/main/Acer/CVE-2022-30426/CVE-2022-30426.md | Exploit, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://acer.com | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://altos.com | Broken Link | |
| af854a3a-2127-422b-91ae-364da2661108 | https://github.com/10TG/vulnerabilities/blob/main/Acer/CVE-2022-30426/CVE-2022-30426.md | Exploit, Third Party Advisory |
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:acer:altos_t110_f3_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3B2791BB-A1C2-4121-B095-9E26506B9C51",
"versionEndExcluding": "p13",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:acer:altos_t110_f3:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5192B7DC-EDF8-438E-A3F4-8141124A894C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:acer:ap130_f2_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6A2A45A3-5B4F-47D2-8EC3-49DD183AA182",
"versionEndExcluding": "p04",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:acer:ap130_f2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7F9D4FC0-0F81-4F53-BA5D-30E4941C3EB4",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:acer:aspire_1600x_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B80DDBC5-581F-442F-8656-BD9CB1F1CE38",
"versionEndExcluding": "p11.a3l",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:acer:aspire_1600x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8BED3067-CAC9-4705-9E9A-7960B29923AC",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:acer:aspire_1602m_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "02B51526-8A53-444C-803B-C9C7A925DD8C",
"versionEndExcluding": "p11.a3l",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:acer:aspire_1602m:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D615C9B3-0F1A-4DEA-97EC-82D38EAD64DF",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:acer:aspire_7600u_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E1BD824E-31EF-4CB0-9545-485A8A8C71A5",
"versionEndExcluding": "p11.a4",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:acer:aspire_7600u:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7DF2DACF-5EE4-43E9-8AA6-C06EE2AF3386",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:acer:aspire_mc605_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "56ADF471-DC77-4280-8DEB-888D33AC8D4B",
"versionEndExcluding": "p11.a4l",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:acer:aspire_mc605:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B4BF06C4-D5B0-44C1-8B5F-9752D6B96EC6",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:acer:aspire_tc-105_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "44AB957C-37C7-4318-AE58-6068FA3CFB20",
"versionEndExcluding": "p12.b0l",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:acer:aspire_tc-105:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1AB402BB-37AB-45CB-B46F-9F1B30CCBF3E",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:acer:aspire_tc-120_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "36F88B4D-92BF-4F72-B263-22A755E64976",
"versionEndExcluding": "p11-a4",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:acer:aspire_tc-120:-:*:*:*:*:*:*:*",
"matchCriteriaId": "63853105-572F-4A6A-9EAF-BABD865669BB",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:acer:aspire_u5-620_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CB661FEE-48E5-4715-B24F-97CEC4FE10D6",
"versionEndExcluding": "p11.a1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:acer:aspire_u5-620:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3495EC6F-F427-4C8C-8060-07EC25EF0B2E",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:acer:aspire_x1935_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CEE0D973-F42D-400B-90A4-344E8718B700",
"versionEndExcluding": "p11.a3l",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:acer:aspire_x1935:-:*:*:*:*:*:*:*",
"matchCriteriaId": "057EAAC2-B41D-4129-90E1-40E503956314",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:acer:aspire_x3475_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A52714FA-63D2-4737-903A-DB5D005AF6D0",
"versionEndExcluding": "p11.a3l",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:acer:aspire_x3475:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CA0D813C-8185-4684-920A-FA0DE59E8372",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:acer:aspire_x3995_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "24028FEA-A178-4E9A-AF22-B3DDFF395B94",
"versionEndExcluding": "p11.a3l",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:acer:aspire_x3995:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4B67ECCB-7A82-4C8E-82DD-94454C0250DF",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:acer:aspire_xc100_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2A4D90E6-997B-464B-9583-73ADAB1A59C1",
"versionEndExcluding": "p11.b3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:acer:aspire_xc100:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3A675A48-D67D-45EF-9536-1AC1CD625AC3",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:acer:aspire_xc600_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "825F42E9-78D0-46B3-8A15-8256AA6D7921",
"versionEndExcluding": "p11.a4",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:acer:aspire_xc600:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8A1080F0-A741-4D3E-8BD5-23418EDFAABE",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:acer:aspire_z3-615_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "147C6EBF-B966-44FA-BE98-47B62C4B2C3C",
"versionEndExcluding": "p11.a2l",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:acer:aspire_z3-615:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8941F8FF-B1FB-43D3-BD51-EF975FCDEA5C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:acer:veriton_b630_49_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9F671E74-9ECA-4128-8651-6531DF8943C7",
"versionEndExcluding": "aap02sr",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:acer:veriton_b630_49:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BFF5700B-A1B1-478C-9D46-7BB03B02A33A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:acer:veriton_e430g_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5569439E-70BE-4292-923B-36CFB243157F",
"versionEndExcluding": "p21.a1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:acer:veriton_e430g:-:*:*:*:*:*:*:*",
"matchCriteriaId": "80AFD3EE-BD0E-4305-A614-49A9EBDE8DFE",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:acer:veriton_e430_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3DF01945-D1B8-46FB-ADB1-E6961CD62304",
"versionEndExcluding": "p11.a4",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:acer:veriton_e430:-:*:*:*:*:*:*:*",
"matchCriteriaId": "72D7420D-B331-4CED-B3CB-FCFE89A0AD2B",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:acer:veriton_m2110g_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "27DCBE2B-2144-4B3A-B8BE-D20524E9D480",
"versionEndExcluding": "p21.a3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:acer:veriton_m2110g:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B926D324-52A0-4154-BFD1-828A86E14E71",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:acer:veriton_m2120g_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D3FC4021-CE28-4345-9E29-0FC021043D5A",
"versionEndExcluding": "p11-a3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:acer:veriton_m2120g:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CA330154-46D5-48F9-BC38-3F32398E9B66",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:acer:veriton_m2611g_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B0EB70DA-B093-4413-958D-EAB4287B2B03",
"versionEndExcluding": "p11-b0l",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:acer:veriton_m2611g:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B9F018AD-3FAC-4640-AF1B-0E152C11C9DA",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:acer:veriton_m2611_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "05BB96E6-2E46-4AA8-B85B-BC081A20AC09",
"versionEndExcluding": "p11.b0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:acer:veriton_m2611:-:*:*:*:*:*:*:*",
"matchCriteriaId": "59F23A15-D272-4F2B-86DF-C33CD3E75FB1",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:acer:veriton_m4620_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0923E59D-3416-412C-B860-D3E627026DB7",
"versionEndExcluding": "p21.a3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:acer:veriton_m4620:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9E820FD3-6104-4E48-8A11-EE9C5DC1988C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:acer:veriton_m4620g_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "FD6940E0-06D8-406F-8CAB-EBEFF61395E9",
"versionEndExcluding": "p21.a3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:acer:veriton_m4620g:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3410E262-1FC3-4913-8A63-3A4058B0A895",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:acer:veriton_m6620g_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6516D45E-ED3C-45D4-A26B-B9B6EE57ABA9",
"versionEndExcluding": "p21.a0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:acer:veriton_m6620g:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1257B81A-F0C9-4E3C-9058-1BA99412B54D",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:acer:veriton_n2620g_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "563037E2-10B9-41A5-A960-8C2DCBA1910B",
"versionEndExcluding": "p21.b0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:acer:veriton_n2620g:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EFABCD4B-3BB7-440B-AAA9-3DD867EA631B",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:acer:veriton_n4620g_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "280227DB-8784-4A6E-96A2-06326D3A2B71",
"versionEndExcluding": "p11.a2l",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:acer:veriton_n4620g:-:*:*:*:*:*:*:*",
"matchCriteriaId": "36A00E5B-1887-407F-BDAE-268DB0F8CAA1",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:acer:veriton_n4630g_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4B70CE5F-2E47-4E0F-8915-B090D01EA6C6",
"versionEndExcluding": "p21.b0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:acer:veriton_n4630g:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F56E9648-5D73-41F4-A8AA-B1EFD6F3A290",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:acer:veriton_s6620g_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F174F4D1-0A29-4920-93A6-9FB0B15F4834",
"versionEndExcluding": "p11.a1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:acer:veriton_s6620g:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B1812657-8B66-4B5F-B919-EA8D7096EBFF",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:acer:veriton_x2611g_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "270A755C-AB19-4861-A124-05845EC32EC3",
"versionEndExcluding": "p11.a4",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:acer:veriton_x2611g:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5B81F010-F6D6-458F-8618-CF2AE99CA20F",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:acer:veriton_x2611_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "634D7E54-8EDE-4C96-9397-14423609E65F",
"versionEndExcluding": "p11.a4",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:acer:veriton_x2611:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4B7FE60D-E18E-4848-AB0C-34FD48EA8206",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:acer:veriton_x4620g_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "BAB09332-C738-4705-B87A-28335833F4B0",
"versionEndExcluding": "p11.a3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:acer:veriton_x4620g:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D8DA37FE-1185-49E2-AF47-C9FABAF7BEA5",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:acer:veriton_x6620g_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2ADD04E1-905C-4EFF-996A-DE40126DE812",
"versionEndExcluding": "p11.a3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:acer:veriton_x6620g:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9CE7F361-623E-4402-877A-0AAE4B3A2C9E",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:acer:veriton_z2650g_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B0F99D10-818F-41C8-AA2E-A234494FD87F",
"versionEndExcluding": "p21.a1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:acer:veriton_z2650g:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8ADA6657-4BE8-47C7-B9AF-2ACD532D3EC3",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "There is a stack buffer overflow vulnerability, which could lead to arbitrary code execution in UEFI DXE driver on some Acer products. An attack could exploit this vulnerability to escalate privilege from ring 3 to ring 0, and hijack control flow during UEFI DXE execution. This affects Altos T110 F3 firmware version \u003c= P13 (latest) and AP130 F2 firmware version \u003c= P04 (latest) and Aspire 1600X firmware version \u003c= P11.A3L (latest) and Aspire 1602M firmware version \u003c= P11.A3L (latest) and Aspire 7600U firmware version \u003c= P11.A4 (latest) and Aspire MC605 firmware version \u003c= P11.A4L (latest) and Aspire TC-105 firmware version \u003c= P12.B0L (latest) and Aspire TC-120 firmware version \u003c= P11-A4 (latest) and Aspire U5-620 firmware version \u003c= P11.A1 (latest) and Aspire X1935 firmware version \u003c= P11.A3L (latest) and Aspire X3475 firmware version \u003c= P11.A3L (latest) and Aspire X3995 firmware version \u003c= P11.A3L (latest) and Aspire XC100 firmware version \u003c= P11.B3 (latest) and Aspire XC600 firmware version \u003c= P11.A4 (latest) and Aspire Z3-615 firmware version \u003c= P11.A2L (latest) and Veriton E430G firmware version \u003c= P21.A1 (latest) and Veriton B630_49 firmware version \u003c= AAP02SR (latest) and Veriton E430 firmware version \u003c= P11.A4 (latest) and Veriton M2110G firmware version \u003c= P21.A3 (latest) and Veriton M2120G fir."
},
{
"lang": "es",
"value": "Se presenta una vulnerabilidad de desbordamiento del b\u00fafer de la pila, que podr\u00eda conllevar a una ejecuci\u00f3n de c\u00f3digo arbitrario en el controlador UEFI DXE de algunos productos Acer. Un ataque podr\u00eda explotar esta vulnerabilidad para escalar el privilegio del anillo 3 al anillo 0, y secuestrar el flujo de control durante la ejecuci\u00f3n de UEFI DXE. Esto afecta a versiones de firmware Altos T110 F3 versiones anteriores a P13 incluy\u00e9ndola (m\u00e1s reciente) y AP130 F2 versiones anteriores a P04 incluy\u00e9ndola (m\u00e1s reciente) y Aspire 1600X versiones anteriores a P11.A3L incluy\u00e9ndola (m\u00e1s reciente) y Aspire 1602M versiones anteriores a P11.A3L incluy\u00e9ndola (m\u00e1s reciente) y Aspire 7600U versiones anteriores a P11. A4 incluy\u00e9ndola (m\u00e1s reciente) y Aspire MC605 versiones de firmware anteriores a P11.A4L incluy\u00e9ndola (m\u00e1s reciente) y Aspire TC-105 versiones de firmware anteriores a P12.B0L incluy\u00e9ndola (m\u00e1s reciente) y Aspire TC-120 versiones de firmware anteriores a P11-A4 incluy\u00e9ndola (m\u00e1s reciente) y Aspire U5-620 versiones de firmware anteriores a P11.A1 incluy\u00e9ndola (m\u00e1s reciente) y Aspire X1935 versiones de firmware anteriores a P11. A3L incluy\u00e9ndola (m\u00e1s reciente) y Aspire X3475 versiones de firmware anteriores a P11.A3L incluy\u00e9ndola (m\u00e1s reciente) y Aspire X3995 versiones de firmware anteriores a P11.A3L incluy\u00e9ndola (m\u00e1s reciente) y Aspire XC100 versiones de firmware anteriores a P11.B3 incluy\u00e9ndola (m\u00e1s reciente) y Aspire XC600 versiones de firmware anteriores a P11.A4 incluy\u00e9ndola (m\u00e1s reciente) y Aspire Z3-615 versiones de firmware anteriores a P11. A2L incluy\u00e9ndola (m\u00e1s reciente) y Veriton E430G versiones de firmware anteriores a P21.A1 incluy\u00e9ndola (m\u00e1s reciente) y Veriton B630_49 versiones de firmware anteriores a AAP02SR incluy\u00e9ndola (m\u00e1s reciente) y Veriton E430 versiones de firmware anteriores a P11.A4 incluy\u00e9ndola (m\u00e1s reciente) y Veriton M2110G versiones de firmware anteriores a P21.A3 incluy\u00e9ndola (m\u00e1s reciente) y Veriton M2120G fir."
}
],
"id": "CVE-2022-30426",
"lastModified": "2025-05-27T16:15:22.863",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary"
}
]
},
"published": "2022-09-23T00:15:09.747",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://acer.com"
},
{
"source": "cve@mitre.org",
"tags": [
"Broken Link"
],
"url": "http://altos.com"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://github.com/10TG/vulnerabilities/blob/main/Acer/CVE-2022-30426/CVE-2022-30426.md"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://acer.com"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://altos.com"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://github.com/10TG/vulnerabilities/blob/main/Acer/CVE-2022-30426/CVE-2022-30426.md"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-787"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-787"
}
],
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary"
}
]
}
Loading…
Loading…
Experimental. This forecast is provided for visualization only and may change without notice. Do not use it for operational decisions.
Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.
Sightings
| Author | Source | Type | Date | Other |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…