CVE-2022-30426

There is a stack buffer overflow vulnerability, which could lead to arbitrary code execution in UEFI DXE driver on some Acer products. An attack could exploit this vulnerability to escalate privilege from ring 3 to ring 0, and hijack control flow during UEFI DXE execution. This affects Altos T110 F3 firmware version <= P13 (latest) and AP130 F2 firmware version <= P04 (latest) and Aspire 1600X firmware version <= P11.A3L (latest) and Aspire 1602M firmware version <= P11.A3L (latest) and Aspire 7600U firmware version <= P11.A4 (latest) and Aspire MC605 firmware version <= P11.A4L (latest) and Aspire TC-105 firmware version <= P12.B0L (latest) and Aspire TC-120 firmware version <= P11-A4 (latest) and Aspire U5-620 firmware version <= P11.A1 (latest) and Aspire X1935 firmware version <= P11.A3L (latest) and Aspire X3475 firmware version <= P11.A3L (latest) and Aspire X3995 firmware version <= P11.A3L (latest) and Aspire XC100 firmware version <= P11.B3 (latest) and Aspire XC600 firmware version <= P11.A4 (latest) and Aspire Z3-615 firmware version <= P11.A2L (latest) and Veriton E430G firmware version <= P21.A1 (latest) and Veriton B630_49 firmware version <= AAP02SR (latest) and Veriton E430 firmware version <= P11.A4 (latest) and Veriton M2110G firmware version <= P21.A3 (latest) and Veriton M2120G fir.
References
Configurations

Configuration 1 (hide)

AND
cpe:2.3:o:acer:altos_t110_f3_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:acer:altos_t110_f3:-:*:*:*:*:*:*:*

Configuration 2 (hide)

AND
cpe:2.3:o:acer:ap130_f2_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:acer:ap130_f2:-:*:*:*:*:*:*:*

Configuration 3 (hide)

AND
cpe:2.3:o:acer:aspire_1600x_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:acer:aspire_1600x:-:*:*:*:*:*:*:*

Configuration 4 (hide)

AND
cpe:2.3:o:acer:aspire_1602m_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:acer:aspire_1602m:-:*:*:*:*:*:*:*

Configuration 5 (hide)

AND
cpe:2.3:o:acer:aspire_7600u_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:acer:aspire_7600u:-:*:*:*:*:*:*:*

Configuration 6 (hide)

AND
cpe:2.3:o:acer:aspire_mc605_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:acer:aspire_mc605:-:*:*:*:*:*:*:*

Configuration 7 (hide)

AND
cpe:2.3:o:acer:aspire_tc-105_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:acer:aspire_tc-105:-:*:*:*:*:*:*:*

Configuration 8 (hide)

AND
cpe:2.3:o:acer:aspire_tc-120_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:acer:aspire_tc-120:-:*:*:*:*:*:*:*

Configuration 9 (hide)

AND
cpe:2.3:o:acer:aspire_u5-620_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:acer:aspire_u5-620:-:*:*:*:*:*:*:*

Configuration 10 (hide)

AND
cpe:2.3:o:acer:aspire_x1935_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:acer:aspire_x1935:-:*:*:*:*:*:*:*

Configuration 11 (hide)

AND
cpe:2.3:o:acer:aspire_x3475_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:acer:aspire_x3475:-:*:*:*:*:*:*:*

Configuration 12 (hide)

AND
cpe:2.3:o:acer:aspire_x3995_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:acer:aspire_x3995:-:*:*:*:*:*:*:*

Configuration 13 (hide)

AND
cpe:2.3:o:acer:aspire_xc100_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:acer:aspire_xc100:-:*:*:*:*:*:*:*

Configuration 14 (hide)

AND
cpe:2.3:o:acer:aspire_xc600_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:acer:aspire_xc600:-:*:*:*:*:*:*:*

Configuration 15 (hide)

AND
cpe:2.3:o:acer:aspire_z3-615_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:acer:aspire_z3-615:-:*:*:*:*:*:*:*

Configuration 16 (hide)

AND
cpe:2.3:o:acer:veriton_b630_49_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:acer:veriton_b630_49:-:*:*:*:*:*:*:*

Configuration 17 (hide)

AND
cpe:2.3:o:acer:veriton_e430g_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:acer:veriton_e430g:-:*:*:*:*:*:*:*

Configuration 18 (hide)

AND
cpe:2.3:o:acer:veriton_e430_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:acer:veriton_e430:-:*:*:*:*:*:*:*

Configuration 19 (hide)

AND
cpe:2.3:o:acer:veriton_m2110g_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:acer:veriton_m2110g:-:*:*:*:*:*:*:*

Configuration 20 (hide)

AND
cpe:2.3:o:acer:veriton_m2120g_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:acer:veriton_m2120g:-:*:*:*:*:*:*:*

Configuration 21 (hide)

AND
cpe:2.3:o:acer:veriton_m2611g_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:acer:veriton_m2611g:-:*:*:*:*:*:*:*

Configuration 22 (hide)

AND
cpe:2.3:o:acer:veriton_m2611_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:acer:veriton_m2611:-:*:*:*:*:*:*:*

Configuration 23 (hide)

AND
cpe:2.3:o:acer:veriton_m4620_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:acer:veriton_m4620:-:*:*:*:*:*:*:*

Configuration 24 (hide)

AND
cpe:2.3:o:acer:veriton_m4620g_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:acer:veriton_m4620g:-:*:*:*:*:*:*:*

Configuration 25 (hide)

AND
cpe:2.3:o:acer:veriton_m6620g_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:acer:veriton_m6620g:-:*:*:*:*:*:*:*

Configuration 26 (hide)

AND
cpe:2.3:o:acer:veriton_n2620g_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:acer:veriton_n2620g:-:*:*:*:*:*:*:*

Configuration 27 (hide)

AND
cpe:2.3:o:acer:veriton_n4620g_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:acer:veriton_n4620g:-:*:*:*:*:*:*:*

Configuration 28 (hide)

AND
cpe:2.3:o:acer:veriton_n4630g_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:acer:veriton_n4630g:-:*:*:*:*:*:*:*

Configuration 29 (hide)

AND
cpe:2.3:o:acer:veriton_s6620g_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:acer:veriton_s6620g:-:*:*:*:*:*:*:*

Configuration 30 (hide)

AND
cpe:2.3:o:acer:veriton_x2611g_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:acer:veriton_x2611g:-:*:*:*:*:*:*:*

Configuration 31 (hide)

AND
cpe:2.3:o:acer:veriton_x2611_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:acer:veriton_x2611:-:*:*:*:*:*:*:*

Configuration 32 (hide)

AND
cpe:2.3:o:acer:veriton_x4620g_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:acer:veriton_x4620g:-:*:*:*:*:*:*:*

Configuration 33 (hide)

AND
cpe:2.3:o:acer:veriton_x6620g_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:acer:veriton_x6620g:-:*:*:*:*:*:*:*

Configuration 34 (hide)

AND
cpe:2.3:o:acer:veriton_z2650g_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:acer:veriton_z2650g:-:*:*:*:*:*:*:*

History

26 Sep 2022, 14:35

Type Values Removed Values Added
CPE cpe:2.3:o:acer:aspire_z3-615_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:acer:aspire_x3475:-:*:*:*:*:*:*:*
cpe:2.3:h:acer:veriton_b630_49:-:*:*:*:*:*:*:*
cpe:2.3:o:acer:veriton_z2650g_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:acer:veriton_n4620g:-:*:*:*:*:*:*:*
cpe:2.3:h:acer:veriton_m2611:-:*:*:*:*:*:*:*
cpe:2.3:o:acer:veriton_x6620g_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:acer:aspire_1600x_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:acer:veriton_m2611_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:acer:veriton_m6620g:-:*:*:*:*:*:*:*
cpe:2.3:o:acer:altos_t110_f3_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:acer:veriton_e430_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:acer:aspire_x3995:-:*:*:*:*:*:*:*
cpe:2.3:h:acer:veriton_x4620g:-:*:*:*:*:*:*:*
cpe:2.3:h:acer:veriton_e430g:-:*:*:*:*:*:*:*
cpe:2.3:o:acer:veriton_x2611g_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:acer:veriton_m4620_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:acer:aspire_mc605_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:acer:aspire_mc605:-:*:*:*:*:*:*:*
cpe:2.3:h:acer:aspire_x1935:-:*:*:*:*:*:*:*
cpe:2.3:o:acer:veriton_x2611_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:acer:veriton_s6620g_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:acer:veriton_n4620g_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:acer:veriton_b630_49_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:acer:altos_t110_f3:-:*:*:*:*:*:*:*
cpe:2.3:o:acer:veriton_m2120g_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:acer:veriton_m4620:-:*:*:*:*:*:*:*
cpe:2.3:h:acer:veriton_m2120g:-:*:*:*:*:*:*:*
cpe:2.3:h:acer:veriton_x2611g:-:*:*:*:*:*:*:*
cpe:2.3:h:acer:aspire_1602m:-:*:*:*:*:*:*:*
cpe:2.3:h:acer:veriton_n2620g:-:*:*:*:*:*:*:*
cpe:2.3:h:acer:veriton_x2611:-:*:*:*:*:*:*:*
cpe:2.3:o:acer:ap130_f2_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:acer:veriton_m4620g:-:*:*:*:*:*:*:*
cpe:2.3:o:acer:veriton_e430g_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:acer:aspire_u5-620_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:acer:aspire_1600x:-:*:*:*:*:*:*:*
cpe:2.3:h:acer:aspire_u5-620:-:*:*:*:*:*:*:*
cpe:2.3:o:acer:veriton_n2620g_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:acer:veriton_m2110g_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:acer:veriton_m6620g_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:acer:veriton_e430:-:*:*:*:*:*:*:*
cpe:2.3:h:acer:aspire_tc-120:-:*:*:*:*:*:*:*
cpe:2.3:h:acer:veriton_m2110g:-:*:*:*:*:*:*:*
cpe:2.3:h:acer:aspire_z3-615:-:*:*:*:*:*:*:*
cpe:2.3:o:acer:aspire_1602m_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:acer:veriton_s6620g:-:*:*:*:*:*:*:*
cpe:2.3:o:acer:aspire_tc-105_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:acer:aspire_xc100:-:*:*:*:*:*:*:*
cpe:2.3:o:acer:veriton_x4620g_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:acer:veriton_n4630g_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:acer:aspire_7600u_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:acer:aspire_x1935_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:acer:veriton_z2650g:-:*:*:*:*:*:*:*
cpe:2.3:h:acer:ap130_f2:-:*:*:*:*:*:*:*
cpe:2.3:o:acer:aspire_xc600_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:acer:aspire_7600u:-:*:*:*:*:*:*:*
cpe:2.3:o:acer:aspire_tc-120_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:acer:veriton_x6620g:-:*:*:*:*:*:*:*
cpe:2.3:h:acer:veriton_n4630g:-:*:*:*:*:*:*:*
cpe:2.3:h:acer:aspire_xc600:-:*:*:*:*:*:*:*
cpe:2.3:h:acer:veriton_m2611g:-:*:*:*:*:*:*:*
cpe:2.3:o:acer:aspire_x3475_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:acer:aspire_tc-105:-:*:*:*:*:*:*:*
cpe:2.3:o:acer:aspire_x3995_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:acer:aspire_xc100_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:acer:veriton_m2611g_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:acer:veriton_m4620g_firmware:*:*:*:*:*:*:*:*
CVSS v2 : unknown
v3 : unknown
v2 : unknown
v3 : 7.8
CWE CWE-787
References (MISC) http://acer.com - (MISC) http://acer.com - Vendor Advisory
References (MISC) http://altos.com - (MISC) http://altos.com - Broken Link
References (MISC) https://github.com/10TG/vulnerabilities/blob/main/Acer/CVE-2022-30426/CVE-2022-30426.md - (MISC) https://github.com/10TG/vulnerabilities/blob/main/Acer/CVE-2022-30426/CVE-2022-30426.md - Exploit, Third Party Advisory
First Time Acer veriton M4620g Firmware
Acer aspire U5-620
Acer aspire Xc100
Acer aspire Tc-105
Acer aspire X3995
Acer aspire 1602m Firmware
Acer aspire Z3-615
Acer aspire Xc600
Acer veriton S6620g Firmware
Acer veriton B630 49 Firmware
Acer veriton E430g
Acer aspire Mc605 Firmware
Acer veriton X4620g Firmware
Acer veriton M2110g
Acer veriton M2120g
Acer aspire Xc600 Firmware
Acer veriton X2611g Firmware
Acer veriton S6620g
Acer ap130 F2 Firmware
Acer aspire Mc605
Acer veriton Z2650g
Acer aspire Z3-615 Firmware
Acer veriton X2611g
Acer veriton N4620g Firmware
Acer aspire X3475
Acer veriton M4620
Acer veriton M2611
Acer veriton Z2650g Firmware
Acer veriton X2611
Acer veriton X2611 Firmware
Acer veriton M2120g Firmware
Acer veriton M2110g Firmware
Acer aspire 7600u
Acer aspire X3475 Firmware
Acer veriton X6620g Firmware
Acer veriton M2611 Firmware
Acer veriton E430g Firmware
Acer veriton M4620g
Acer veriton N4630g Firmware
Acer aspire 1600x Firmware
Acer veriton X4620g
Acer veriton M2611g Firmware
Acer veriton N4620g
Acer aspire X1935 Firmware
Acer veriton E430
Acer veriton M4620 Firmware
Acer veriton M6620g
Acer aspire Tc-120 Firmware
Acer veriton X6620g
Acer aspire Tc-120
Acer aspire 7600u Firmware
Acer
Acer aspire U5-620 Firmware
Acer veriton M2611g
Acer aspire Tc-105 Firmware
Acer aspire Xc100 Firmware
Acer veriton N2620g Firmware
Acer veriton M6620g Firmware
Acer aspire X1935
Acer aspire 1600x
Acer veriton E430 Firmware
Acer aspire X3995 Firmware
Acer altos T110 F3
Acer aspire 1602m
Acer ap130 F2
Acer veriton N4630g
Acer veriton B630 49
Acer veriton N2620g
Acer altos T110 F3 Firmware

23 Sep 2022, 04:21

Type Values Removed Values Added
New CVE

Information

Published : 2022-09-23 00:15

Updated : 2022-09-26 14:35


NVD link : CVE-2022-30426

Mitre link : CVE-2022-30426


JSON object : View

Products Affected

acer

  • veriton_s6620g_firmware
  • veriton_m2611g_firmware
  • veriton_m2611_firmware
  • veriton_m4620_firmware
  • veriton_m2110g
  • aspire_1602m_firmware
  • aspire_tc-105
  • veriton_b630_49
  • altos_t110_f3
  • veriton_n2620g
  • aspire_7600u_firmware
  • veriton_e430
  • ap130_f2
  • veriton_n4630g
  • veriton_m4620g_firmware
  • aspire_7600u
  • aspire_z3-615
  • veriton_x6620g
  • aspire_1600x_firmware
  • veriton_s6620g
  • aspire_mc605
  • aspire_tc-105_firmware
  • veriton_m2611
  • veriton_z2650g_firmware
  • aspire_x3995_firmware
  • veriton_e430_firmware
  • aspire_1600x
  • veriton_x2611
  • aspire_x1935
  • veriton_e430g_firmware
  • aspire_x3475_firmware
  • aspire_u5-620
  • aspire_xc600_firmware
  • aspire_x3995
  • veriton_x4620g
  • aspire_mc605_firmware
  • aspire_z3-615_firmware
  • veriton_m2611g
  • veriton_m6620g
  • veriton_n4620g
  • veriton_m2120g_firmware
  • veriton_m2120g
  • altos_t110_f3_firmware
  • aspire_tc-120
  • veriton_z2650g
  • aspire_x3475
  • veriton_m4620
  • veriton_n4630g_firmware
  • veriton_m4620g
  • ap130_f2_firmware
  • veriton_n2620g_firmware
  • veriton_n4620g_firmware
  • veriton_x6620g_firmware
  • veriton_x2611g
  • aspire_xc100
  • aspire_1602m
  • veriton_b630_49_firmware
  • veriton_x2611g_firmware
  • veriton_x2611_firmware
  • aspire_u5-620_firmware
  • aspire_xc600
  • veriton_m2110g_firmware
  • aspire_x1935_firmware
  • aspire_tc-120_firmware
  • veriton_x4620g_firmware
  • veriton_m6620g_firmware
  • aspire_xc100_firmware
  • veriton_e430g
CWE
CWE-787

Out-of-bounds Write