CVE-2022-22554

8.2 HIGH

📋 TL;DR

Dell EMC System Update versions 1.9.2 and earlier store user credentials insecurely, allowing local attackers with user privileges to read passwords. This affects systems running vulnerable versions of the software, potentially exposing administrative credentials.

💻 Affected Systems

Products:
  • Dell EMC System Update
Versions: 1.9.2 and prior
Operating Systems: Windows, Linux
Default Config Vulnerable: ⚠️ Yes
Notes: Requires local user access; affects both client and server installations.

⚠️ Risk & Real-World Impact

🔴 Worst Case

Attackers gain administrative credentials, leading to complete system compromise, data theft, or lateral movement across the network.

🟠 Likely Case

Local users escalate privileges or access sensitive systems using stolen credentials.

🟢 If Mitigated

Impact is limited to credential exposure; access controls prevent the exposed credentials from being used successfully.

🌐 Internet-Facing: LOW
🏢 Internal Only: HIGH

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ✅ No
Complexity: LOW

Exploitation requires local access but is straightforward once credentials are accessed.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: 1.9.3 or later

Vendor Advisory: https://www.dell.com/support/kbdoc/000195007

Restart Required: Yes

Instructions:

1. Download Dell EMC System Update version 1.9.3 or later from Dell's support site.
2. Run the installer as administrator.
3. Follow on-screen prompts to complete installation.
4. Restart the system.

🔧 Temporary Workarounds

Restrict Local Access

Platform: all

Limit local user access to systems running vulnerable versions.

Monitor Credential Storage

Platform: all

Audit and secure files where credentials might be stored.

🧯 If You Can't Patch

  • Implement strict access controls to limit local user privileges.
  • Monitor for unusual credential access or privilege escalation attempts.

🔍 How to Verify

Check if Vulnerable:

Check Dell EMC System Update version via GUI or command line; versions 1.9.2 or earlier are vulnerable.

Check Version:

On Windows: 'dsu-cli.exe --version' or check in GUI. On Linux: 'dsu --version'.

Verify Fix Applied:

Confirm version is 1.9.3 or later and test credential storage security.
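
The version check above can be scripted for use across many hosts. The following is an added example, not Dell's tooling or code from the advisory: it compares the reported version against 1.9.3 field by field as integers, so that a release such as 1.10.0 is not misread as older than 1.9.3 by a plain string comparison. The function names are hypothetical, and the exact text printed by 'dsu --version' is an assumption; the script only relies on it containing a dotted numeric version.

```shell
#!/bin/sh
# Added example: classify a Dell EMC System Update version string
# against the fixed release named on this page (1.9.3).
FIXED="1.9.3"

# Pull the first dotted numeric token out of arbitrary version output.
# Assumption: the tool prints its version as digits separated by dots.
extract_version() {
    printf '%s\n' "$1" | grep -oE '[0-9]+(\.[0-9]+)+' | head -n 1
}

# Return 0 if version $1 is lower than version $2.
# Fields are compared numerically; missing fields count as 0,
# so 1.9.3.0 is treated as equal to 1.9.3.
version_lt() {
    a=$1 b=$2
    while [ -n "$a" ] || [ -n "$b" ]; do
        fa=${a%%.*}; fb=${b%%.*}
        if [ "$a" = "$fa" ]; then a=""; else a=${a#*.}; fi
        if [ "$b" = "$fb" ]; then b=""; else b=${b#*.}; fi
        fa=${fa:-0}; fb=${fb:-0}
        if [ "$fa" -lt "$fb" ]; then return 0; fi
        if [ "$fa" -gt "$fb" ]; then return 1; fi
    done
    return 1
}

# Print "vulnerable", "fixed" or "unknown" for a version-output string.
classify_dsu() {
    v=$(extract_version "$1")
    if [ -z "$v" ]; then
        echo "unknown"
        return 2
    fi
    if version_lt "$v" "$FIXED"; then
        echo "vulnerable"
    else
        echo "fixed"
    fi
}

# On a Linux host with dsu on PATH, classify the local install.
if command -v dsu >/dev/null 2>&1; then
    classify_dsu "$(dsu --version 2>/dev/null)"
fi
```

A result of "unknown" means no version could be parsed and the host should be checked by hand rather than treated as patched.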

📡 Detection & Monitoring

Log Indicators:

  • Unauthorized access to credential storage files
  • Failed login attempts with exposed credentials

Network Indicators:

  • Unusual outbound connections post-exploitation

SIEM Query:

Event logs showing local user accessing sensitive files or privilege escalation.
