Search criteria
18 vulnerabilities found for alienware_aurora_r15_amd_firmware by dell
FKIE_CVE-2024-39584
Vulnerability from fkie_nvd - Published: 2024-08-28 06:15 - Updated: 2024-12-20 14:38
Severity ?
8.2 (High) - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
8.2 (High) - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
8.2 (High) - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
Summary
Dell Client Platform BIOS contains a Use of Default Cryptographic Key Vulnerability. A high privileged attacker with local access could potentially exploit this vulnerability, leading to Secure Boot bypass and arbitrary code execution.
References
| URL | Tags | ||
|---|---|---|---|
| security_alert@emc.com | https://www.dell.com/support/kbdoc/en-us/000227594/dsa-2024-354 | Vendor Advisory |
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:dell:xps_8960_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "79481B8B-33AB-4BBB-8959-A1EE16ABC3EE",
"versionEndExcluding": "2.12.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:dell:xps_8960:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E75E14FE-EDC4-43F8-960C-F135EDFFBDCB",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:dell:xps_8950_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "58CB653C-AD62-4804-B93A-D378241D07EB",
"versionEndExcluding": "1.21.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:dell:xps_8950:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5944D668-16F9-4098-A99E-811F02C65B2A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:dell:inspiron_3502_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "20D81C5D-B1AB-44C8-B3EC-5035124D5BF0",
"versionEndExcluding": "1.18.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:dell:inspiron_3502:-:*:*:*:*:*:*:*",
"matchCriteriaId": "52628A84-FEE1-4194-A13F-4139A3A0AE9F",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:dell:inspiron_15_3521_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D6743728-79B1-44FC-B50A-8EC2BAB0A177",
"versionEndExcluding": "1.16.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:dell:inspiron_15_3521:-:*:*:*:*:*:*:*",
"matchCriteriaId": "70AC0D33-2C41-4EA7-969B-A5B3519330AA",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:dell:inspiron_15_3510_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "EAFD9070-F917-456F-8C63-0BAD08363A22",
"versionEndExcluding": "1.21.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:dell:inspiron_15_3510:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F9B4D72F-BF7F-4AE3-825E-394DF12F0482",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:dell:aurora_r16_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1397546E-8CB7-4E88-988B-4C73B18FB2A3",
"versionEndExcluding": "2.13.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:dell:aurora_r16:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D6A86161-7209-4DC6-9315-66C37C1807DA",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:dell:alienware_x17_r2_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "95EA4B9E-1636-4E67-A3FA-8EF38C2E5ACE",
"versionEndExcluding": "1.22.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:dell:alienware_x17_r2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4C0272BD-DAFD-47EC-9B70-F72B686032B8",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:dell:alienware_x17_r1_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1BC45F6C-9DC9-4E2F-9C3E-3E71E62937B2",
"versionEndExcluding": "1.24.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:dell:alienware_x17_r1:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8128EE9B-97C5-40A2-A7F6-8AE7E4D9D1E1",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:dell:alienware_x15_r2_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "601B48A2-B0C3-4D9F-9D83-A4818222A756",
"versionEndExcluding": "1.22.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:dell:alienware_x15_r2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A254E353-E519-401F-8657-76C7625F9A0C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:dell:alienware_x15_r1_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "EB2F00DB-6932-4D0F-A6F8-36A9ABA8138A",
"versionEndExcluding": "1.24.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:dell:alienware_x15_r1:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B5BC0BF5-9D20-43DB-BF65-F2D2E8EC6970",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:dell:alienware_x14_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B25E8327-AE8B-49CD-9167-B2967E40F17C",
"versionEndExcluding": "1.21.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:dell:alienware_x14:-:*:*:*:*:*:*:*",
"matchCriteriaId": "05928944-E647-4A4D-AEA1-B67804BC7DB5",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:dell:alienware_m17_r4_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "DB44CD60-EF6C-47A4-98CF-37D59157FD91",
"versionEndExcluding": "1.24.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:dell:alienware_m17_r4:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C631E678-90F0-4DB2-8AB8-7378EC32FAC0",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:dell:alienware_m17_r3_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5FFFE6D4-B453-4D27-8A3F-9CE9A2B5B1AD",
"versionEndExcluding": "1.29.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:dell:alienware_m17_r3:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EF7B8EAD-E6FD-4CCE-9CE8-605A3BF3357A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:dell:alienware_m15_r4_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D35312EA-BE2C-45E1-B86D-676F64AAF4F0",
"versionEndExcluding": "1.24.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:dell:alienware_m15_r4:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B084185F-1C0D-47D9-9F72-A79095462428",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:dell:alienware_m15_r3_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D224BFF9-3D06-4291-8EBE-7DEDAC24FA94",
"versionEndExcluding": "1.29.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:dell:alienware_m15_r3:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FCCE762E-FB6C-4493-A21F-347DE5CB57E0",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:dell:alienware_aurora_ryzen_edition_r14_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1CE5B200-E6D3-41D1-9280-7FF6C8026B9E",
"versionEndExcluding": "2.19.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:dell:alienware_aurora_ryzen_edition_r14:-:*:*:*:*:*:*:*",
"matchCriteriaId": "66B64687-CF02-414E-B961-84A011DC49E6",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:dell:alienware_aurora_r15_amd_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "FAB4E70B-69EC-4275-8C46-A2B22C5B1156",
"versionEndExcluding": "1.15.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:dell:alienware_aurora_r15_amd:-:*:*:*:*:*:*:*",
"matchCriteriaId": "503027CC-7D9B-4F00-9728-48C12B18BD7B",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:dell:alienware_aurora_r15_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9F1B4BFA-3EDC-441D-8F28-FAA1B75A3E74",
"versionEndExcluding": "1.17.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:dell:alienware_aurora_r15:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2943649A-0559-4184-AE43-B6FCEDF3BF98",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:dell:alienware_aurora_r13_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "16B7FB3C-5A40-454F-8E45-6099758C222F",
"versionEndExcluding": "1.21.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:dell:alienware_aurora_r13:-:*:*:*:*:*:*:*",
"matchCriteriaId": "486DCCF7-79D9-45C1-8CBD-26FB78705F91",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:dell:alienware_area_51m_r2_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "64B4373D-14E6-4915-B42F-4515E4801AEA",
"versionEndExcluding": "1.29.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:dell:alienware_area_51m_r2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D355D92F-71AB-4D6D-9D3D-85A0BF4133E5",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Dell Client Platform BIOS contains a Use of Default Cryptographic Key Vulnerability. A high privileged attacker with local access could potentially exploit this vulnerability, leading to Secure Boot bypass and arbitrary code execution."
},
{
"lang": "es",
"value": "Dell Client Platform BIOS contiene una vulnerabilidad de uso de clave criptogr\u00e1fica predeterminada. Un atacante con privilegios elevados y acceso local podr\u00eda explotar esta vulnerabilidad, lo que provocar\u00eda una omisi\u00f3n del arranque seguro y la ejecuci\u00f3n de c\u00f3digo arbitrario."
}
],
"id": "CVE-2024-39584",
"lastModified": "2024-12-20T14:38:16.543",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 8.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.5,
"impactScore": 6.0,
"source": "security_alert@emc.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 8.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.5,
"impactScore": 6.0,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2024-08-28T06:15:05.607",
"references": [
{
"source": "security_alert@emc.com",
"tags": [
"Vendor Advisory"
],
"url": "https://www.dell.com/support/kbdoc/en-us/000227594/dsa-2024-354"
}
],
"sourceIdentifier": "security_alert@emc.com",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-1392"
}
],
"source": "security_alert@emc.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2024-32860
Vulnerability from fkie_nvd - Published: 2024-06-13 13:15 - Updated: 2024-11-21 09:15
Severity ?
7.5 (High) - CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H
8.2 (High) - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
8.2 (High) - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
Summary
Dell Client Platform BIOS contains an Improper Input Validation vulnerability in an externally developed component. A high privileged attacker with local access could potentially exploit this vulnerability, leading to Code execution.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:dell:alienware_area_51m_r2_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6D3E1671-D766-4BEE-A382-3F9950540382",
"versionEndExcluding": "1.26.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:dell:alienware_area_51m_r2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D355D92F-71AB-4D6D-9D3D-85A0BF4133E5",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:dell:alienware_aurora_r11_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "09B0F2CD-223E-4C11-896E-E0D2AED3D7CA",
"versionEndExcluding": "1.0.24",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:dell:alienware_aurora_r11:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4C32F25E-2F1F-409D-85DF-15CCAB423DD5",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:dell:alienware_aurora_r12_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6D3892D1-FA31-4E08-8C4A-B233A7E6166E",
"versionEndExcluding": "1.1.25",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:dell:alienware_aurora_r12:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6F0C34FD-6A6D-43BF-B548-13D57532AF8C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:dell:alienware_aurora_r13_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2BA98A09-CEC8-4765-9F67-1B8E31A403BA",
"versionEndIncluding": "1.1.19",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:dell:alienware_aurora_r13:-:*:*:*:*:*:*:*",
"matchCriteriaId": "486DCCF7-79D9-45C1-8CBD-26FB78705F91",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:dell:alienware_aurora_r15_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "502B41A3-DA11-4F02-ADBA-12BAEB90E9D9",
"versionEndExcluding": "1.1.12",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:dell:alienware_aurora_r15:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2943649A-0559-4184-AE43-B6FCEDF3BF98",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:dell:alienware_aurora_r15_amd_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "34DF7BEA-2EF9-47A8-965D-C045C793F834",
"versionEndExcluding": "1.13.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:dell:alienware_aurora_r15_amd:-:*:*:*:*:*:*:*",
"matchCriteriaId": "503027CC-7D9B-4F00-9728-48C12B18BD7B",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:dell:alienware_aurora_ryzen_edition_r14_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2C2FE0D4-FEFE-4E9D-BFCA-5EAC643E47A1",
"versionEndExcluding": "2.18.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:dell:alienware_aurora_ryzen_edition_r14:-:*:*:*:*:*:*:*",
"matchCriteriaId": "66B64687-CF02-414E-B961-84A011DC49E6",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:dell:alienware_m15_r3_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CBC6538F-95F5-411B-9AEE-E330D33F765E",
"versionEndExcluding": "1.27.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:dell:alienware_m15_r3:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FCCE762E-FB6C-4493-A21F-347DE5CB57E0",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:dell:alienware_m15_r4_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7EE1A9B5-8534-4DAE-957E-FF670060C35A",
"versionEndIncluding": "1.21.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:dell:alienware_m15_r4:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B084185F-1C0D-47D9-9F72-A79095462428",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:dell:alienware_m17_r3_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "626441E2-E195-4E18-B5CF-093CE2706827",
"versionEndExcluding": "1.27.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:dell:alienware_m17_r3:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EF7B8EAD-E6FD-4CCE-9CE8-605A3BF3357A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:dell:alienware_m17_r4_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3E92F1AF-4259-40FA-BD64-2B5E36DB815B",
"versionEndIncluding": "1.21.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:dell:alienware_m17_r4:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C631E678-90F0-4DB2-8AB8-7378EC32FAC0",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:dell:alienware_x14_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "84A10F10-F9C8-4FF0-8F28-BCBDABE8C8EA",
"versionEndIncluding": "1.18.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:dell:alienware_x14:-:*:*:*:*:*:*:*",
"matchCriteriaId": "05928944-E647-4A4D-AEA1-B67804BC7DB5",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:dell:alienware_x15_r1_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "69E828F7-2199-470B-B3F3-251704F4BAA4",
"versionEndIncluding": "1.22.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:dell:alienware_x15_r1:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B5BC0BF5-9D20-43DB-BF65-F2D2E8EC6970",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:dell:alienware_x15_r2_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D9A38198-F80D-4D7C-B660-8B5B44C95751",
"versionEndExcluding": "1.20.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:dell:alienware_x15_r2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A254E353-E519-401F-8657-76C7625F9A0C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:dell:alienware_x17_r1_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "AF468943-A697-46B0-A8DF-3D9F329E87D6",
"versionEndIncluding": "1.22.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:dell:alienware_x17_r1:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8128EE9B-97C5-40A2-A7F6-8AE7E4D9D1E1",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:dell:alienware_x17_r2_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "07378EE2-F446-4E05-A6C3-42532865C664",
"versionEndExcluding": "1.20.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:dell:alienware_x17_r2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4C0272BD-DAFD-47EC-9B70-F72B686032B8",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:dell:aurora_r16_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F084A15D-0C77-4AC7-A2E8-CCE5B638C968",
"versionEndExcluding": "2.7.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:dell:aurora_r16:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D6A86161-7209-4DC6-9315-66C37C1807DA",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:dell:inspiron_15_3510_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2CB354C9-725F-41D3-A514-C61D1E2C6DD9",
"versionEndExcluding": "1.19.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:dell:inspiron_15_3510:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F9B4D72F-BF7F-4AE3-825E-394DF12F0482",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:dell:inspiron_15_352_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "AF372BE7-5B95-4DF7-A85A-22B92D3931BF",
"versionEndExcluding": "1.14.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:dell:inspiron_15_352:-:*:*:*:*:*:*:*",
"matchCriteriaId": "807B8FFB-4AB1-43B3-B2E6-BA53D1244437",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:dell:inspiron_3502_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "36119F09-7608-4DD7-A5BC-297D015F9FE8",
"versionEndExcluding": "1.16.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:dell:inspiron_3502:-:*:*:*:*:*:*:*",
"matchCriteriaId": "52628A84-FEE1-4194-A13F-4139A3A0AE9F",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:dell:xps_8950_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "54398C42-AD80-4365-8F44-F3B6F44D33F5",
"versionEndExcluding": "1.19.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:dell:xps_8950:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5944D668-16F9-4098-A99E-811F02C65B2A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:dell:xps_8960_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4C42BB7D-2380-4FA9-8C5C-FE0F594B3A7F",
"versionEndExcluding": "2.6.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:dell:xps_8960:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E75E14FE-EDC4-43F8-960C-F135EDFFBDCB",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Dell Client Platform BIOS contains an Improper Input Validation vulnerability in an externally developed component. A high privileged attacker with local access could potentially exploit this vulnerability, leading to Code execution."
},
{
"lang": "es",
"value": "Dell Client Platform BIOS contiene una vulnerabilidad de validaci\u00f3n de entrada incorrecta en un componente desarrollado externamente. Un atacante con privilegios elevados y acceso local podr\u00eda explotar esta vulnerabilidad y provocar la ejecuci\u00f3n del c\u00f3digo."
}
],
"id": "CVE-2024-32860",
"lastModified": "2024-11-21T09:15:52.723",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 0.8,
"impactScore": 6.0,
"source": "security_alert@emc.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 8.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.5,
"impactScore": 6.0,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2024-06-13T13:15:49.517",
"references": [
{
"source": "security_alert@emc.com",
"tags": [
"Vendor Advisory"
],
"url": "https://www.dell.com/support/kbdoc/en-us/000223440/dsa-2024-125"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://www.dell.com/support/kbdoc/en-us/000223440/dsa-2024-125"
}
],
"sourceIdentifier": "security_alert@emc.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-20"
}
],
"source": "security_alert@emc.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2024-32859
Vulnerability from fkie_nvd - Published: 2024-06-13 13:15 - Updated: 2024-11-21 09:15
Severity ?
7.5 (High) - CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H
8.2 (High) - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
8.2 (High) - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
Summary
Dell Client Platform BIOS contains an Improper Input Validation vulnerability in an externally developed component. A high privileged attacker with local access could potentially exploit this vulnerability, leading to Code execution.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:dell:xps_8960_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4C42BB7D-2380-4FA9-8C5C-FE0F594B3A7F",
"versionEndExcluding": "2.6.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:dell:xps_8960:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E75E14FE-EDC4-43F8-960C-F135EDFFBDCB",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:dell:xps_8950_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "54398C42-AD80-4365-8F44-F3B6F44D33F5",
"versionEndExcluding": "1.19.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:dell:xps_8950:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5944D668-16F9-4098-A99E-811F02C65B2A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:dell:inspiron_3502_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "36119F09-7608-4DD7-A5BC-297D015F9FE8",
"versionEndExcluding": "1.16.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:dell:inspiron_3502:-:*:*:*:*:*:*:*",
"matchCriteriaId": "52628A84-FEE1-4194-A13F-4139A3A0AE9F",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:dell:inspiron_15_3521_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2DFD29BF-F445-4A9B-9D50-827FE7587218",
"versionEndExcluding": "1.14.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:dell:inspiron_15_3521:-:*:*:*:*:*:*:*",
"matchCriteriaId": "70AC0D33-2C41-4EA7-969B-A5B3519330AA",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:dell:inspiron_15_3510_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2CB354C9-725F-41D3-A514-C61D1E2C6DD9",
"versionEndExcluding": "1.19.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:dell:inspiron_15_3510:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F9B4D72F-BF7F-4AE3-825E-394DF12F0482",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:dell:aurora_r16_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F084A15D-0C77-4AC7-A2E8-CCE5B638C968",
"versionEndExcluding": "2.7.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:dell:aurora_r16:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D6A86161-7209-4DC6-9315-66C37C1807DA",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:dell:alienware_x17_r2_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "07378EE2-F446-4E05-A6C3-42532865C664",
"versionEndExcluding": "1.20.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:dell:alienware_x17_r2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4C0272BD-DAFD-47EC-9B70-F72B686032B8",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:dell:alienware_x17_r1_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E83B0E30-CFFB-4AFE-AF42-1475F14186E7",
"versionEndExcluding": "1.22.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:dell:alienware_x17_r1:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8128EE9B-97C5-40A2-A7F6-8AE7E4D9D1E1",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:dell:alienware_x15_r2_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D9A38198-F80D-4D7C-B660-8B5B44C95751",
"versionEndExcluding": "1.20.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:dell:alienware_x15_r2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A254E353-E519-401F-8657-76C7625F9A0C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:dell:alienware_x15_r1_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "002D9A38-2618-4896-B0BA-AC18CAF41253",
"versionEndExcluding": "1.22.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:dell:alienware_x15_r1:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B5BC0BF5-9D20-43DB-BF65-F2D2E8EC6970",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:dell:alienware_x14_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9F1AD900-16EC-4315-83A6-A2CB22E6E185",
"versionEndExcluding": "1.18.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:dell:alienware_x14:-:*:*:*:*:*:*:*",
"matchCriteriaId": "05928944-E647-4A4D-AEA1-B67804BC7DB5",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:dell:alienware_m17_r4_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B2380D6A-4E39-423D-9565-E8406AF99E86",
"versionEndExcluding": "1.21.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:dell:alienware_m17_r4:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C631E678-90F0-4DB2-8AB8-7378EC32FAC0",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:dell:alienware_m17_r3_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "626441E2-E195-4E18-B5CF-093CE2706827",
"versionEndExcluding": "1.27.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:dell:alienware_m17_r3:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EF7B8EAD-E6FD-4CCE-9CE8-605A3BF3357A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:dell:alienware_m15_r4_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "32A341BF-9651-47F1-8CE4-8AF991AD8CEF",
"versionEndExcluding": "1.21.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:dell:alienware_m15_r4:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B084185F-1C0D-47D9-9F72-A79095462428",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:dell:alienware_m15_r3_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CBC6538F-95F5-411B-9AEE-E330D33F765E",
"versionEndExcluding": "1.27.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:dell:alienware_m15_r3:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FCCE762E-FB6C-4493-A21F-347DE5CB57E0",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:dell:alienware_aurora_ryzen_edition_r14_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2C2FE0D4-FEFE-4E9D-BFCA-5EAC643E47A1",
"versionEndExcluding": "2.18.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:dell:alienware_aurora_ryzen_edition_r14:-:*:*:*:*:*:*:*",
"matchCriteriaId": "66B64687-CF02-414E-B961-84A011DC49E6",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:dell:alienware_aurora_r15_amd_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "34DF7BEA-2EF9-47A8-965D-C045C793F834",
"versionEndExcluding": "1.13.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:dell:alienware_aurora_r15_amd:-:*:*:*:*:*:*:*",
"matchCriteriaId": "503027CC-7D9B-4F00-9728-48C12B18BD7B",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:dell:alienware_aurora_r15_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "AB53C84B-F912-4BBF-B7B1-D2361E4B6E1A",
"versionEndExcluding": "1.12.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:dell:alienware_aurora_r15:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2943649A-0559-4184-AE43-B6FCEDF3BF98",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:dell:alienware_aurora_r13_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "DF07E3CF-0029-429F-84CA-C50CEF591176",
"versionEndExcluding": "1.19.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:dell:alienware_aurora_r13:-:*:*:*:*:*:*:*",
"matchCriteriaId": "486DCCF7-79D9-45C1-8CBD-26FB78705F91",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:dell:alienware_aurora_r12_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6D3892D1-FA31-4E08-8C4A-B233A7E6166E",
"versionEndExcluding": "1.1.25",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:dell:alienware_aurora_r12:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6F0C34FD-6A6D-43BF-B548-13D57532AF8C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:dell:alienware_aurora_r11_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "09B0F2CD-223E-4C11-896E-E0D2AED3D7CA",
"versionEndExcluding": "1.0.24",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:dell:alienware_aurora_r11:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4C32F25E-2F1F-409D-85DF-15CCAB423DD5",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:dell:alienware_aurora_r10_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C1C7E4EF-A5CE-479F-8FBC-A79920726D51",
"versionEndExcluding": "2.8.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:dell:alienware_aurora_r10:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D1B5E1A2-3F3B-42AF-93ED-01ABF2763BC6",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:dell:alienware_area_51m_r2_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6D3E1671-D766-4BEE-A382-3F9950540382",
"versionEndExcluding": "1.26.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:dell:alienware_area_51m_r2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D355D92F-71AB-4D6D-9D3D-85A0BF4133E5",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Dell Client Platform BIOS contains an Improper Input Validation vulnerability in an externally developed component. A high privileged attacker with local access could potentially exploit this vulnerability, leading to Code execution."
},
{
"lang": "es",
"value": "Dell Client Platform BIOS contiene una vulnerabilidad de validaci\u00f3n de entrada incorrecta en un componente desarrollado externamente. Un atacante con privilegios elevados y acceso local podr\u00eda explotar esta vulnerabilidad y provocar la ejecuci\u00f3n del c\u00f3digo."
}
],
"id": "CVE-2024-32859",
"lastModified": "2024-11-21T09:15:52.540",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 0.8,
"impactScore": 6.0,
"source": "security_alert@emc.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 8.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.5,
"impactScore": 6.0,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2024-06-13T13:15:49.210",
"references": [
{
"source": "security_alert@emc.com",
"tags": [
"Vendor Advisory"
],
"url": "https://www.dell.com/support/kbdoc/en-us/000223439/dsa-2024-124"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://www.dell.com/support/kbdoc/en-us/000223439/dsa-2024-124"
}
],
"sourceIdentifier": "security_alert@emc.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-20"
}
],
"source": "security_alert@emc.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2024-32858
Vulnerability from fkie_nvd - Published: 2024-06-13 13:15 - Updated: 2024-11-21 09:15
Severity ?
7.5 (High) - CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H
8.2 (High) - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
8.2 (High) - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
Summary
Dell Client Platform BIOS contains an Improper Input Validation vulnerability in an externally developed component. A high privileged attacker with local access could potentially exploit this vulnerability, leading to Code execution.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:dell:xps_8960_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4C42BB7D-2380-4FA9-8C5C-FE0F594B3A7F",
"versionEndExcluding": "2.6.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:dell:xps_8960:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E75E14FE-EDC4-43F8-960C-F135EDFFBDCB",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:dell:xps_8950_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "54398C42-AD80-4365-8F44-F3B6F44D33F5",
"versionEndExcluding": "1.19.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:dell:xps_8950:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5944D668-16F9-4098-A99E-811F02C65B2A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:dell:inspiron_3502_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "36119F09-7608-4DD7-A5BC-297D015F9FE8",
"versionEndExcluding": "1.16.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:dell:inspiron_3502:-:*:*:*:*:*:*:*",
"matchCriteriaId": "52628A84-FEE1-4194-A13F-4139A3A0AE9F",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:dell:inspiron_15_3521_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2DFD29BF-F445-4A9B-9D50-827FE7587218",
"versionEndExcluding": "1.14.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:dell:inspiron_15_3521:-:*:*:*:*:*:*:*",
"matchCriteriaId": "70AC0D33-2C41-4EA7-969B-A5B3519330AA",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:dell:inspiron_15_3510_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2CB354C9-725F-41D3-A514-C61D1E2C6DD9",
"versionEndExcluding": "1.19.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:dell:inspiron_15_3510:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F9B4D72F-BF7F-4AE3-825E-394DF12F0482",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:dell:aurora_r16_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F084A15D-0C77-4AC7-A2E8-CCE5B638C968",
"versionEndExcluding": "2.7.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:dell:aurora_r16:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D6A86161-7209-4DC6-9315-66C37C1807DA",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:dell:alienware_x17_r2_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "07378EE2-F446-4E05-A6C3-42532865C664",
"versionEndExcluding": "1.20.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:dell:alienware_x17_r2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4C0272BD-DAFD-47EC-9B70-F72B686032B8",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:dell:alienware_x17_r1_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E83B0E30-CFFB-4AFE-AF42-1475F14186E7",
"versionEndExcluding": "1.22.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:dell:alienware_x17_r1:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8128EE9B-97C5-40A2-A7F6-8AE7E4D9D1E1",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:dell:alienware_x15_r2_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D9A38198-F80D-4D7C-B660-8B5B44C95751",
"versionEndExcluding": "1.20.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:dell:alienware_x15_r2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A254E353-E519-401F-8657-76C7625F9A0C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:dell:alienware_x15_r1_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "002D9A38-2618-4896-B0BA-AC18CAF41253",
"versionEndExcluding": "1.22.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:dell:alienware_x15_r1:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B5BC0BF5-9D20-43DB-BF65-F2D2E8EC6970",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:dell:alienware_x14_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9F1AD900-16EC-4315-83A6-A2CB22E6E185",
"versionEndExcluding": "1.18.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:dell:alienware_x14:-:*:*:*:*:*:*:*",
"matchCriteriaId": "05928944-E647-4A4D-AEA1-B67804BC7DB5",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:dell:alienware_m17_r4_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B2380D6A-4E39-423D-9565-E8406AF99E86",
"versionEndExcluding": "1.21.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:dell:alienware_m17_r4:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C631E678-90F0-4DB2-8AB8-7378EC32FAC0",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:dell:alienware_m17_r3_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "626441E2-E195-4E18-B5CF-093CE2706827",
"versionEndExcluding": "1.27.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:dell:alienware_m17_r3:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EF7B8EAD-E6FD-4CCE-9CE8-605A3BF3357A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:dell:alienware_m15_r4_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "32A341BF-9651-47F1-8CE4-8AF991AD8CEF",
"versionEndExcluding": "1.21.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:dell:alienware_m15_r4:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B084185F-1C0D-47D9-9F72-A79095462428",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:dell:alienware_m15_r3_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CBC6538F-95F5-411B-9AEE-E330D33F765E",
"versionEndExcluding": "1.27.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:dell:alienware_m15_r3:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FCCE762E-FB6C-4493-A21F-347DE5CB57E0",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:dell:alienware_aurora_ryzen_edition_r14_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2C2FE0D4-FEFE-4E9D-BFCA-5EAC643E47A1",
"versionEndExcluding": "2.18.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:dell:alienware_aurora_ryzen_edition_r14:-:*:*:*:*:*:*:*",
"matchCriteriaId": "66B64687-CF02-414E-B961-84A011DC49E6",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:dell:alienware_aurora_r15_amd_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "34DF7BEA-2EF9-47A8-965D-C045C793F834",
"versionEndExcluding": "1.13.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:dell:alienware_aurora_r15_amd:-:*:*:*:*:*:*:*",
"matchCriteriaId": "503027CC-7D9B-4F00-9728-48C12B18BD7B",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:dell:alienware_aurora_r15_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "AB53C84B-F912-4BBF-B7B1-D2361E4B6E1A",
"versionEndExcluding": "1.12.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:dell:alienware_aurora_r15:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2943649A-0559-4184-AE43-B6FCEDF3BF98",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:dell:alienware_aurora_r13_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "DF07E3CF-0029-429F-84CA-C50CEF591176",
"versionEndExcluding": "1.19.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:dell:alienware_aurora_r13:-:*:*:*:*:*:*:*",
"matchCriteriaId": "486DCCF7-79D9-45C1-8CBD-26FB78705F91",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:dell:alienware_aurora_r12_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6D3892D1-FA31-4E08-8C4A-B233A7E6166E",
"versionEndExcluding": "1.1.25",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:dell:alienware_aurora_r12:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6F0C34FD-6A6D-43BF-B548-13D57532AF8C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:dell:alienware_aurora_r11_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "09B0F2CD-223E-4C11-896E-E0D2AED3D7CA",
"versionEndExcluding": "1.0.24",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:dell:alienware_aurora_r11:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4C32F25E-2F1F-409D-85DF-15CCAB423DD5",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:dell:alienware_aurora_r10_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C1C7E4EF-A5CE-479F-8FBC-A79920726D51",
"versionEndExcluding": "2.8.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:dell:alienware_aurora_r10:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D1B5E1A2-3F3B-42AF-93ED-01ABF2763BC6",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:dell:alienware_area_51m_r2_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6D3E1671-D766-4BEE-A382-3F9950540382",
"versionEndExcluding": "1.26.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:dell:alienware_area_51m_r2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D355D92F-71AB-4D6D-9D3D-85A0BF4133E5",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Dell Client Platform BIOS contains an Improper Input Validation vulnerability in an externally developed component. A high privileged attacker with local access could potentially exploit this vulnerability, leading to Code execution."
},
{
"lang": "es",
"value": "Dell Client Platform BIOS contiene una vulnerabilidad de validaci\u00f3n de entrada incorrecta en un componente desarrollado externamente. Un atacante con privilegios elevados y acceso local podr\u00eda explotar esta vulnerabilidad y provocar la ejecuci\u00f3n del c\u00f3digo."
}
],
"id": "CVE-2024-32858",
"lastModified": "2024-11-21T09:15:52.360",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 0.8,
"impactScore": 6.0,
"source": "security_alert@emc.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 8.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.5,
"impactScore": 6.0,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2024-06-13T13:15:48.833",
"references": [
{
"source": "security_alert@emc.com",
"tags": [
"Vendor Advisory"
],
"url": "https://www.dell.com/support/kbdoc/en-us/000223439/dsa-2024-124"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://www.dell.com/support/kbdoc/en-us/000223439/dsa-2024-124"
}
],
"sourceIdentifier": "security_alert@emc.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-20"
}
],
"source": "security_alert@emc.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2024-32856
Vulnerability from fkie_nvd - Published: 2024-06-13 12:15 - Updated: 2024-11-21 09:15
Severity ?
5.1 (Medium) - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:L
6.0 (Medium) - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:N
6.0 (Medium) - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:N
Summary
Dell Client Platform BIOS contains an Improper Input Validation vulnerability in an externally developed component. A high privileged attacker with local access could potentially exploit this vulnerability, leading to Information disclosure.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:dell:xps_8960_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4C42BB7D-2380-4FA9-8C5C-FE0F594B3A7F",
"versionEndExcluding": "2.6.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:dell:xps_8960:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E75E14FE-EDC4-43F8-960C-F135EDFFBDCB",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:dell:xps_8950_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "54398C42-AD80-4365-8F44-F3B6F44D33F5",
"versionEndExcluding": "1.19.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:dell:xps_8950:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5944D668-16F9-4098-A99E-811F02C65B2A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:dell:inspiron_3502_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "36119F09-7608-4DD7-A5BC-297D015F9FE8",
"versionEndExcluding": "1.16.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:dell:inspiron_3502:-:*:*:*:*:*:*:*",
"matchCriteriaId": "52628A84-FEE1-4194-A13F-4139A3A0AE9F",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:dell:inspiron_15_3521_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2DFD29BF-F445-4A9B-9D50-827FE7587218",
"versionEndExcluding": "1.14.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:dell:inspiron_15_3521:-:*:*:*:*:*:*:*",
"matchCriteriaId": "70AC0D33-2C41-4EA7-969B-A5B3519330AA",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:dell:inspiron_15_3510_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2CB354C9-725F-41D3-A514-C61D1E2C6DD9",
"versionEndExcluding": "1.19.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:dell:inspiron_15_3510:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F9B4D72F-BF7F-4AE3-825E-394DF12F0482",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:dell:aurora_r16_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F084A15D-0C77-4AC7-A2E8-CCE5B638C968",
"versionEndExcluding": "2.7.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:dell:aurora_r16:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D6A86161-7209-4DC6-9315-66C37C1807DA",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:dell:alienware_x17_r2_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "07378EE2-F446-4E05-A6C3-42532865C664",
"versionEndExcluding": "1.20.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:dell:alienware_x17_r2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4C0272BD-DAFD-47EC-9B70-F72B686032B8",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:dell:alienware_x17_r1_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E83B0E30-CFFB-4AFE-AF42-1475F14186E7",
"versionEndExcluding": "1.22.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:dell:alienware_x17_r1:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8128EE9B-97C5-40A2-A7F6-8AE7E4D9D1E1",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:dell:alienware_x15_r2_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D9A38198-F80D-4D7C-B660-8B5B44C95751",
"versionEndExcluding": "1.20.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:dell:alienware_x15_r2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A254E353-E519-401F-8657-76C7625F9A0C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:dell:alienware_x15_r1_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "002D9A38-2618-4896-B0BA-AC18CAF41253",
"versionEndExcluding": "1.22.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:dell:alienware_x15_r1:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B5BC0BF5-9D20-43DB-BF65-F2D2E8EC6970",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:dell:alienware_x14_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9F1AD900-16EC-4315-83A6-A2CB22E6E185",
"versionEndExcluding": "1.18.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:dell:alienware_x14:-:*:*:*:*:*:*:*",
"matchCriteriaId": "05928944-E647-4A4D-AEA1-B67804BC7DB5",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:dell:alienware_m17_r4_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B2380D6A-4E39-423D-9565-E8406AF99E86",
"versionEndExcluding": "1.21.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:dell:alienware_m17_r4:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C631E678-90F0-4DB2-8AB8-7378EC32FAC0",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:dell:alienware_m17_r3_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "626441E2-E195-4E18-B5CF-093CE2706827",
"versionEndExcluding": "1.27.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:dell:alienware_m17_r3:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EF7B8EAD-E6FD-4CCE-9CE8-605A3BF3357A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:dell:alienware_m15_r4_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "32A341BF-9651-47F1-8CE4-8AF991AD8CEF",
"versionEndExcluding": "1.21.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:dell:alienware_m15_r4:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B084185F-1C0D-47D9-9F72-A79095462428",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:dell:alienware_m15_r3_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CBC6538F-95F5-411B-9AEE-E330D33F765E",
"versionEndExcluding": "1.27.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:dell:alienware_m15_r3:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FCCE762E-FB6C-4493-A21F-347DE5CB57E0",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:dell:alienware_aurora_ryzen_edition_r14_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2C2FE0D4-FEFE-4E9D-BFCA-5EAC643E47A1",
"versionEndExcluding": "2.18.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:dell:alienware_aurora_ryzen_edition_r14:-:*:*:*:*:*:*:*",
"matchCriteriaId": "66B64687-CF02-414E-B961-84A011DC49E6",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:dell:alienware_aurora_r15_amd_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "34DF7BEA-2EF9-47A8-965D-C045C793F834",
"versionEndExcluding": "1.13.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:dell:alienware_aurora_r15_amd:-:*:*:*:*:*:*:*",
"matchCriteriaId": "503027CC-7D9B-4F00-9728-48C12B18BD7B",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:dell:alienware_aurora_r15_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "AB53C84B-F912-4BBF-B7B1-D2361E4B6E1A",
"versionEndExcluding": "1.12.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:dell:alienware_aurora_r15:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2943649A-0559-4184-AE43-B6FCEDF3BF98",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:dell:alienware_aurora_r13_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "DF07E3CF-0029-429F-84CA-C50CEF591176",
"versionEndExcluding": "1.19.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:dell:alienware_aurora_r13:-:*:*:*:*:*:*:*",
"matchCriteriaId": "486DCCF7-79D9-45C1-8CBD-26FB78705F91",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:dell:alienware_aurora_r12_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6D3892D1-FA31-4E08-8C4A-B233A7E6166E",
"versionEndExcluding": "1.1.25",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:dell:alienware_aurora_r12:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6F0C34FD-6A6D-43BF-B548-13D57532AF8C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:dell:alienware_aurora_r11_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "09B0F2CD-223E-4C11-896E-E0D2AED3D7CA",
"versionEndExcluding": "1.0.24",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:dell:alienware_aurora_r11:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4C32F25E-2F1F-409D-85DF-15CCAB423DD5",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:dell:alienware_aurora_r10_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C1C7E4EF-A5CE-479F-8FBC-A79920726D51",
"versionEndExcluding": "2.8.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:dell:alienware_aurora_r10:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D1B5E1A2-3F3B-42AF-93ED-01ABF2763BC6",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:dell:alienware_area_51m_r2_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6D3E1671-D766-4BEE-A382-3F9950540382",
"versionEndExcluding": "1.26.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:dell:alienware_area_51m_r2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D355D92F-71AB-4D6D-9D3D-85A0BF4133E5",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Dell Client Platform BIOS contains an Improper Input Validation vulnerability in an externally developed component. A high privileged attacker with local access could potentially exploit this vulnerability, leading to Information disclosure."
},
{
"lang": "es",
"value": "Dell Client Platform BIOS contiene una vulnerabilidad de validaci\u00f3n de entrada incorrecta en un componente desarrollado externamente. Un atacante con privilegios elevados y acceso local podr\u00eda explotar esta vulnerabilidad y provocar la divulgaci\u00f3n de informaci\u00f3n."
}
],
"id": "CVE-2024-32856",
"lastModified": "2024-11-21T09:15:52.000",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "LOW",
"baseScore": 5.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:L",
"version": "3.1"
},
"exploitabilityScore": 0.8,
"impactScore": 4.2,
"source": "security_alert@emc.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 6.0,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 1.5,
"impactScore": 4.0,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2024-06-13T12:15:10.647",
"references": [
{
"source": "security_alert@emc.com",
"tags": [
"Vendor Advisory"
],
"url": "https://www.dell.com/support/kbdoc/en-us/000221745/dsa-2024-067"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://www.dell.com/support/kbdoc/en-us/000221745/dsa-2024-067"
}
],
"sourceIdentifier": "security_alert@emc.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-20"
}
],
"source": "security_alert@emc.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2023-32475
Vulnerability from fkie_nvd - Published: 2024-06-07 03:15 - Updated: 2024-11-21 08:03
Severity ?
7.6 (High) - CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
7.6 (High) - CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
7.6 (High) - CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
Summary
Dell BIOS contains a missing support for integrity check vulnerability. An attacker with physical access to the system could potentially bypass security mechanisms to run arbitrary code on the system.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:dell:vostro_5625_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6967CAD7-821C-4909-A6E3-F4A8934D7ED9",
"versionEndExcluding": "1.13.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:dell:vostro_5625:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8CB00804-D39C-4A1B-9762-A7249C4EA753",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:dell:vostro_5515_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F6CD2B14-0DE3-4B20-BF3F-E919F8AF2F11",
"versionEndExcluding": "1.19.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:dell:vostro_5515:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3EB96F99-DE8C-4344-BBB2-12AD92CE98A0",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:dell:vostro_5415_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F505CA5A-5438-4C23-B3D6-5C4764C0E184",
"versionEndExcluding": "1.19.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:dell:vostro_5415:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5DC7AFBA-3492-44A7-9D78-51FD20C985F9",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:dell:vostro_3405_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "26E98FFB-840E-49B4-93F9-B53D45BECBD9",
"versionEndExcluding": "1.16.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:dell:vostro_3405:-:*:*:*:*:*:*:*",
"matchCriteriaId": "79142A75-EA84-4C9A-861B-0FF10E21450B",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:dell:vostro_16_5635_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "01AADB4A-439D-4468-8AC1-59A263C3A402",
"versionEndExcluding": "1.8.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:dell:vostro_16_5635:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D6BA027A-D8C7-478A-8C3B-42B9F722367B",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:dell:vostro_15_3535_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6B0C7C65-BFC9-49C0-A449-A11958006374",
"versionEndExcluding": "1.12.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:dell:vostro_15_3535:-:*:*:*:*:*:*:*",
"matchCriteriaId": "602150A8-8C3E-4962-889C-5E9051C71667",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:dell:vostro_15_3525_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3FD1F48D-7D61-4519-A2FE-6387E0C477C5",
"versionEndExcluding": "1.15.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:dell:vostro_15_3525:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EA4B12B8-3686-4DF7-9160-A04D58F58A16",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:dell:vostro_15_3515_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9AA00B2B-F2D2-47FF-B96D-12D544B1207A",
"versionEndExcluding": "1.16.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:dell:vostro_15_3515:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0C66DDCF-85FC-455C-8A31-5CAAD7D92BDB",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:dell:vostro_14_3435_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "AD5F9DF4-D9A6-4C28-862F-265E0B235A9D",
"versionEndExcluding": "1.12.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:dell:vostro_14_3435:-:*:*:*:*:*:*:*",
"matchCriteriaId": "90140BF1-C455-495F-A2FA-E0FAF9B0D5AD",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:dell:vostro_14_3425_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7434C5AF-CCD3-4117-AC56-92B73BDD1355",
"versionEndExcluding": "1.15.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:dell:vostro_14_3425:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3FCE2FED-41E1-4CE3-AE9B-2F73F04925D0",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:dell:inspiron_7415_2-in-1_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "107A2C1E-6F71-4112-A893-05FB3D725067",
"versionEndExcluding": "1.19.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:dell:inspiron_7415_2-in-1:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CFBBD87A-97E6-4EBB-8B04-0E343A6D3FF5",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:dell:inspiron_7405_2-in-1_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1B75E196-A7EE-471C-8966-2D358B520A26",
"versionEndExcluding": "1.15.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:dell:inspiron_7405_2-in-1:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A723A28B-2CED-4A1A-B36C-82E9ABDE58E3",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:dell:inspiron_5515_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6F23FCEA-96B0-4F35-988B-88817D3C25DA",
"versionEndExcluding": "1.19.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:dell:inspiron_5515:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F05114EB-E200-4F8B-8D18-41AC80540F29",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:dell:inspiron_5505_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "DB9A42C5-671F-4796-8E49-E61A97B61169",
"versionEndExcluding": "1.14.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:dell:inspiron_5505:-:*:*:*:*:*:*:*",
"matchCriteriaId": "84379684-0B62-44BB-A53E-04C95CA09ED5",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:dell:inspiron_5415_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F2A24064-14F3-47F1-92AC-6D7A6AFF0137",
"versionEndExcluding": "1.19.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:dell:inspiron_5415:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1563D5D8-CD81-4EE5-AE6F-6939C353377B",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:dell:inspiron_5405_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3065917D-3E56-4BC0-B7BD-2351FB0E6216",
"versionEndExcluding": "1.14.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:dell:inspiron_5405:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2ED5439F-1A3C-4F5F-98C7-B2C471919477",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:dell:inspiron_3505_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0FA188A3-4971-447D-8B57-A474A6D64F5D",
"versionEndExcluding": "1.16.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:dell:inspiron_3505:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3137C79A-EE16-4B4E-95D8-6CF1E1E9A4CD",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:dell:inspiron_24_5415_all-in-one_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CC3B1267-2BEF-49E6-83E5-3D3CECD21621",
"versionEndExcluding": "1.17.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:dell:inspiron_24_5415_all-in-one:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AE0899CC-0FFF-4CD6-B39E-6A90E3D4183A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:dell:inspiron_16_7635_2-in-1_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0059B1F1-5C6F-4CDB-9D3A-9F06B93EDC65",
"versionEndExcluding": "1.8.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:dell:inspiron_16_7635_2-in-1:-:*:*:*:*:*:*:*",
"matchCriteriaId": "40C9F472-97F7-438A-8CAC-B9B3A85413BD",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:dell:inspiron_16_5635_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "32998813-4D00-44B9-BF6C-ED53B45DE3BD",
"versionEndExcluding": "1.8.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:dell:inspiron_16_5635:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4157A8EE-8838-4A87-A5AF-2EE1B0D03AEE",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:dell:inspiron_16_5625_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2E5BCAC9-6285-4965-9E19-21DCDD34B8A9",
"versionEndExcluding": "1.13.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:dell:inspiron_16_5625:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C6D67E18-5D2F-4D1A-9570-A83F573C0B7E",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:dell:inspiron_15_3535_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "14DA511C-B06C-4CD4-B089-3067B64F8871",
"versionEndExcluding": "1.12.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:dell:inspiron_15_3535:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E43E62FB-FD2D-4189-A692-23527D838690",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:dell:inspiron_15_3525_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5EE6427E-D5B1-4414-9D20-2C1ED56DB637",
"versionEndExcluding": "1.15.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:dell:inspiron_15_3525:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7C818D45-465A-4BCE-A6E6-B7C54485EB3A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:dell:inspiron_15_3515_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B1E7746B-CCF6-4293-906B-6F91EF2A4069",
"versionEndExcluding": "1.16.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:dell:inspiron_15_3515:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C72CC59F-C18E-4668-853F-8F2BA59A129A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:dell:inspiron_14_7435_2-in-1_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9A7A5962-55C5-4EB0-926E-562FC2C20FB1",
"versionEndExcluding": "1.8.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:dell:inspiron_14_7435_2-in-1:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3A037401-9C16-40A6-948E-AD310587E6A4",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:dell:inspiron_14_7425_2-in-1_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5AD152E5-FAAC-4533-98E7-B6C14C3A9502",
"versionEndExcluding": "1.13.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:dell:inspiron_14_7425_2-in-1:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7AFF3169-604D-48F4-A04E-280056592521",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:dell:inspiron_14_5435_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "FCBD4767-B796-43A4-BE6C-BC25BB79BFEA",
"versionEndExcluding": "1.8.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:dell:inspiron_14_5435:-:*:*:*:*:*:*:*",
"matchCriteriaId": "71BEFBEB-548A-445E-98D3-28BBFC7CA412",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:dell:inspiron_14_5425_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "890DF5F3-9D07-4D8E-83D4-FC513DA43244",
"versionEndExcluding": "1.13.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:dell:inspiron_14_5425:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B2439A92-05B4-4654-A459-AC2E87745FFF",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:dell:g5_5505_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "69D7E3C5-6158-4360-A8A2-248496D34292",
"versionEndExcluding": "1.18.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:dell:g5_5505:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0566A03A-54DA-429D-B088-228559803249",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:dell:g15_5535_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A3A07529-B337-4100-B50A-B838260476C4",
"versionEndExcluding": "1.5.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:dell:g15_5535:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3CE33B5D-E5DF-443D-8CCA-09CFB259D20C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:dell:g15_5525_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CFDC8F0B-EFFC-40A7-9399-750BA719B82A",
"versionEndExcluding": "1.15.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:dell:g15_5525:-:*:*:*:*:*:*:*",
"matchCriteriaId": "68FD27D9-7C76-450C-8535-DE86FC006C46",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:dell:g15_5515_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "AA9EB379-2C98-402A-BB3C-FC7180196487",
"versionEndExcluding": "1.15.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:dell:g15_5515:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6DD6D554-0CEC-411C-9D44-A0F3AE3D3A07",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:dell:alienware_m18_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "BC8D3E27-68C4-4F38-8436-725B5294215F",
"versionEndExcluding": "1.9.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:dell:alienware_m18:-:*:*:*:*:*:*:*",
"matchCriteriaId": "72F40FC8-755B-4353-AB4E-73F59FF4E982",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:dell:alienware_m17_r5_amd_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B40466F0-EE69-4BD6-AA08-A2A6B353AACC",
"versionEndExcluding": "1.15.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:dell:alienware_m17_r5_amd:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7423FFC8-C206-46A3-B5EF-D8077C315514",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:dell:alienware_m16_r1_amd_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "340FA3F7-5D8A-4DEC-B115-8D81470C8450",
"versionEndExcluding": "1.9.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:dell:alienware_m16_r1_amd:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B16CF02D-14B3-4C2A-BB00-D2FAEB563352",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:dell:alienware_m15_ryzen_edition_r5_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F09AF627-20AB-4A2A-BF19-399F1DD27F59",
"versionEndExcluding": "1.16.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:dell:alienware_m15_ryzen_edition_r5:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EDDF9040-D1A2-4F53-B2A1-60A56A401DDA",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:dell:alienware_m15_r7_amd_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6EFDB3FF-B12D-4E03-8846-3594C1DD6597",
"versionEndExcluding": "1.15.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:dell:alienware_m15_r7_amd:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DC05325D-7B5C-415E-A8C2-FE28AEC878D3",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:dell:alienware_aurora_ryzen_edition_r14_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E48A0D38-6DCE-4531-8D3F-25C594C9DE61",
"versionEndExcluding": "2.16.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:dell:alienware_aurora_ryzen_edition_r14:-:*:*:*:*:*:*:*",
"matchCriteriaId": "66B64687-CF02-414E-B961-84A011DC49E6",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:dell:alienware_aurora_r15_amd_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "34DF7BEA-2EF9-47A8-965D-C045C793F834",
"versionEndExcluding": "1.13.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:dell:alienware_aurora_r15_amd:-:*:*:*:*:*:*:*",
"matchCriteriaId": "503027CC-7D9B-4F00-9728-48C12B18BD7B",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:dell:alienware_aurora_r10_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8D22BE20-CEC2-45EC-B217-737F14B2A874",
"versionEndExcluding": "2.6.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:dell:alienware_aurora_r10:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D1B5E1A2-3F3B-42AF-93ED-01ABF2763BC6",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Dell BIOS contains a missing support for integrity check vulnerability. An attacker with physical access to the system could potentially bypass security mechanisms to run arbitrary code on the system."
},
{
"lang": "es",
"value": "El BIOS de Dell contiene una falta de soporte para la vulnerabilidad de verificaci\u00f3n de integridad. Un atacante con acceso f\u00edsico al sistema podr\u00eda potencialmente eludir los mecanismos de seguridad para ejecutar c\u00f3digo arbitrario en el sistema."
}
],
"id": "CVE-2023-32475",
"lastModified": "2024-11-21T08:03:25.883",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "PHYSICAL",
"availabilityImpact": "HIGH",
"baseScore": 7.6,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 0.9,
"impactScore": 6.0,
"source": "security_alert@emc.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "PHYSICAL",
"availabilityImpact": "HIGH",
"baseScore": 7.6,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 0.9,
"impactScore": 6.0,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2024-06-07T03:15:08.950",
"references": [
{
"source": "security_alert@emc.com",
"tags": [
"Vendor Advisory"
],
"url": "https://www.dell.com/support/kbdoc/en-us/000215644/dsa-2023-222-security-update-for-an-amd-bios-vulnerability"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://www.dell.com/support/kbdoc/en-us/000215644/dsa-2023-222-security-update-for-an-amd-bios-vulnerability"
}
],
"sourceIdentifier": "security_alert@emc.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-353"
}
],
"source": "security_alert@emc.com",
"type": "Primary"
}
]
}
CVE-2024-39584 (GCVE-0-2024-39584)
Vulnerability from cvelistv5 – Published: 2024-08-28 05:46 – Updated: 2024-08-28 14:15
VLAI?
Summary
Dell Client Platform BIOS contains a Use of Default Cryptographic Key Vulnerability. A high privileged attacker with local access could potentially exploit this vulnerability, leading to Secure Boot bypass and arbitrary code execution.
Severity ?
8.2 (High)
CWE
- CWE-1392 - Use of Default Credentials
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Dell | Dell Client Platform BIOS |
Affected:
N/A , < 1.29.0
(semver)
Affected: N/A , < 1.15.0 (semver) Affected: N/A , < 1.21.0 (semver) Affected: N/A , < 1.24.0 (semver) |
Credits
CVE-2024-39584: Dell Technologies would like to thank BINARLY REsearch team for reporting this issue.
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:o:dell:alienware_area_51m_r2_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:dell:alienware_m15_r3_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:dell:alienware_m17_r3_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "alienware_m17_r3_firmware",
"vendor": "dell",
"versions": [
{
"lessThan": "1.29.0",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"cpes": [
"cpe:2.3:o:dell:alienware_aurora_r15_amd_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "alienware_aurora_r15_amd_firmware",
"vendor": "dell",
"versions": [
{
"lessThan": "1.15.0",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"cpes": [
"cpe:2.3:o:dell:alienware_x14_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "alienware_x14_firmware",
"vendor": "dell",
"versions": [
{
"lessThan": "1.21.0",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"cpes": [
"cpe:2.3:o:dell:alienware_x17_r1_firmware:*:*:*:*:*:*:*:*",
"cpe:2.3:o:dell:alienware_x15_r1_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "alienware_x15_r1_firmware",
"vendor": "dell",
"versions": [
{
"lessThan": "1.24.0",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-39584",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-08-28T14:02:49.780082Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-08-28T14:15:01.978Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Dell Client Platform BIOS",
"vendor": "Dell",
"versions": [
{
"lessThan": "1.29.0",
"status": "affected",
"version": "N/A",
"versionType": "semver"
},
{
"lessThan": "1.15.0",
"status": "affected",
"version": "N/A",
"versionType": "semver"
},
{
"lessThan": "1.21.0",
"status": "affected",
"version": "N/A",
"versionType": "semver"
},
{
"lessThan": "1.24.0",
"status": "affected",
"version": "N/A",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "CVE-2024-39584: Dell Technologies would like to thank BINARLY REsearch team for reporting this issue."
}
],
"datePublic": "2024-08-27T06:30:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Dell Client Platform BIOS contains a Use of Default Cryptographic Key Vulnerability. A high privileged attacker with local access could potentially exploit this vulnerability, leading to Secure Boot bypass and arbitrary code execution."
}
],
"value": "Dell Client Platform BIOS contains a Use of Default Cryptographic Key Vulnerability. A high privileged attacker with local access could potentially exploit this vulnerability, leading to Secure Boot bypass and arbitrary code execution."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 8.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-1392",
"description": "CWE-1392: Use of Default Credentials",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-08-28T05:46:40.013Z",
"orgId": "c550e75a-17ff-4988-97f0-544cde3820fe",
"shortName": "dell"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://www.dell.com/support/kbdoc/en-us/000227594/dsa-2024-354"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "c550e75a-17ff-4988-97f0-544cde3820fe",
"assignerShortName": "dell",
"cveId": "CVE-2024-39584",
"datePublished": "2024-08-28T05:46:40.013Z",
"dateReserved": "2024-06-26T02:16:08.993Z",
"dateUpdated": "2024-08-28T14:15:01.978Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-32860 (GCVE-0-2024-32860)
Vulnerability from cvelistv5 – Published: 2024-06-13 13:00 – Updated: 2024-08-02 02:20
VLAI?
Summary
Dell Client Platform BIOS contains an Improper Input Validation vulnerability in an externally developed component. A high privileged attacker with local access could potentially exploit this vulnerability, leading to Code execution.
Severity ?
7.5 (High)
CWE
- CWE-20 - Improper Input Validation
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Dell | CPG BIOS |
Affected:
N/A , < 1.0.24
(semver)
Affected: N/A , < 1.1.25 (semver) Affected: N/A , < 1.19.0 (semver) Affected: N/A , < 1.12.0 (semver) Affected: N/A , < 1.13.0 (semver) Affected: N/A , < 2.18.0 (semver) Affected: N/A , < 2.7.0 (semver) Affected: N/A , < 1.16.0 (semver) Affected: N/A , < 2.6.0 (semver) |
Credits
Dell Technologies would like to thank Eason for reporting this issue.
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:o:dell:cpg_bios:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "cpg_bios",
"vendor": "dell",
"versions": [
{
"lessThan": "1.0.24",
"status": "affected",
"version": "0",
"versionType": "semver"
},
{
"lessThan": "1.1.25",
"status": "affected",
"version": "0",
"versionType": "semver"
},
{
"lessThan": "1.19.0",
"status": "affected",
"version": "0",
"versionType": "semver"
},
{
"lessThan": "1.12.0",
"status": "affected",
"version": "0",
"versionType": "semver"
},
{
"lessThan": "1.13.0",
"status": "affected",
"version": "0",
"versionType": "semver"
},
{
"lessThan": "2.18.0",
"status": "affected",
"version": "0",
"versionType": "semver"
},
{
"lessThan": "2.7.0",
"status": "affected",
"version": "0",
"versionType": "semver"
},
{
"lessThan": "1.16.0",
"status": "affected",
"version": "0",
"versionType": "semver"
},
{
"lessThan": "2.6.0",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-32860",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-06-20T13:49:01.558476Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-20T14:48:48.914Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T02:20:35.674Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://www.dell.com/support/kbdoc/en-us/000223440/dsa-2024-125"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "CPG BIOS",
"vendor": "Dell",
"versions": [
{
"lessThan": "1.0.24",
"status": "affected",
"version": "N/A",
"versionType": "semver"
},
{
"lessThan": "1.1.25",
"status": "affected",
"version": "N/A",
"versionType": "semver"
},
{
"lessThan": "1.19.0",
"status": "affected",
"version": "N/A",
"versionType": "semver"
},
{
"lessThan": "1.12.0",
"status": "affected",
"version": "N/A",
"versionType": "semver"
},
{
"lessThan": "1.13.0",
"status": "affected",
"version": "N/A",
"versionType": "semver"
},
{
"lessThan": "2.18.0",
"status": "affected",
"version": "N/A",
"versionType": "semver"
},
{
"lessThan": "2.7.0",
"status": "affected",
"version": "N/A",
"versionType": "semver"
},
{
"lessThan": "1.16.0",
"status": "affected",
"version": "N/A",
"versionType": "semver"
},
{
"lessThan": "2.6.0",
"status": "affected",
"version": "N/A",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Dell Technologies would like to thank Eason for reporting this issue."
}
],
"datePublic": "2024-06-11T06:30:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Dell Client Platform BIOS contains an Improper Input Validation vulnerability in an externally developed component. A high privileged attacker with local access could potentially exploit this vulnerability, leading to Code execution."
}
],
"value": "Dell Client Platform BIOS contains an Improper Input Validation vulnerability in an externally developed component. A high privileged attacker with local access could potentially exploit this vulnerability, leading to Code execution."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-20",
"description": "CWE-20: Improper Input Validation",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-06-13T13:00:19.384Z",
"orgId": "c550e75a-17ff-4988-97f0-544cde3820fe",
"shortName": "dell"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://www.dell.com/support/kbdoc/en-us/000223440/dsa-2024-125"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "c550e75a-17ff-4988-97f0-544cde3820fe",
"assignerShortName": "dell",
"cveId": "CVE-2024-32860",
"datePublished": "2024-06-13T13:00:19.384Z",
"dateReserved": "2024-04-19T09:34:13.527Z",
"dateUpdated": "2024-08-02T02:20:35.674Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-32858 (GCVE-0-2024-32858)
Vulnerability from cvelistv5 – Published: 2024-06-13 12:48 – Updated: 2024-08-02 02:20
VLAI?
Summary
Dell Client Platform BIOS contains an Improper Input Validation vulnerability in an externally developed component. A high privileged attacker with local access could potentially exploit this vulnerability, leading to Code execution.
Severity ?
7.5 (High)
CWE
- CWE-20 - Improper Input Validation
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Dell | CPG BIOS |
Affected:
N/A , < 2.8.0
(semver)
Affected: N/A , < 1.0.24 (semver) Affected: N/A , < 1.1.25 (semver) Affected: N/A , < 1.19.0 (semver) Affected: N/A , < 1.12.0 (semver) Affected: N/A , < 1.13.0 (semver) Affected: N/A , < 2.18.0 (semver) Affected: N/A , < 2.7.0 (semver) Affected: N/A , < 1.16.0 (semver) Affected: N/A , < 2.6.0 (semver) |
Credits
Dell Technologies would like to thank Eason for reporting this issue
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:o:dell:alienware_aurora_r10_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "alienware_aurora_r10_firmware",
"vendor": "dell",
"versions": [
{
"lessThan": "2.8.0",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"cpes": [
"cpe:2.3:o:dell:alienware_aurora_r11_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "alienware_aurora_r11_firmware",
"vendor": "dell",
"versions": [
{
"lessThan": "1.0.24",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"cpes": [
"cpe:2.3:o:dell:alienware_aurora_r12_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "alienware_aurora_r12_firmware",
"vendor": "dell",
"versions": [
{
"lessThan": "1.1.25",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"cpes": [
"cpe:2.3:o:dell:alienware_aurora_r13_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "alienware_aurora_r13_firmware",
"vendor": "dell",
"versions": [
{
"lessThan": "1.19.0",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"cpes": [
"cpe:2.3:o:dell:alienware_aurora_r14_ryzen_edition_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "alienware_aurora_r14_ryzen_edition_firmware",
"vendor": "dell",
"versions": [
{
"lessThan": "2.18.0",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"cpes": [
"cpe:2.3:o:dell:alienware_aurora_r15_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "alienware_aurora_r15_firmware",
"vendor": "dell",
"versions": [
{
"lessThan": "1.12.0",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"cpes": [
"cpe:2.3:o:dell:alienware_aurora_r15_amd_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "alienware_aurora_r15_amd_firmware",
"vendor": "dell",
"versions": [
{
"lessThan": "1.13.0",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"cpes": [
"cpe:2.3:o:dell:alienware_aurora_r16_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "alienware_aurora_r16_firmware",
"vendor": "dell",
"versions": [
{
"lessThan": "2.7.0",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"cpes": [
"cpe:2.3:o:dell:inspiron_3502_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "inspiron_3502_firmware",
"vendor": "dell",
"versions": [
{
"lessThan": "1.16.0",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"cpes": [
"cpe:2.3:o:dell:xps_8950_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "xps_8950_firmware",
"vendor": "dell",
"versions": [
{
"lessThan": "1.19.0",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"cpes": [
"cpe:2.3:o:dell:xps_8960_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "xps_8960_firmware",
"vendor": "dell",
"versions": [
{
"lessThan": "2.6.0",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-32858",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-06-13T13:37:43.257078Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-13T16:09:43.292Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T02:20:35.666Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://www.dell.com/support/kbdoc/en-us/000223439/dsa-2024-124"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "CPG BIOS",
"vendor": "Dell",
"versions": [
{
"lessThan": "2.8.0",
"status": "affected",
"version": "N/A",
"versionType": "semver"
},
{
"lessThan": "1.0.24",
"status": "affected",
"version": "N/A",
"versionType": "semver"
},
{
"lessThan": "1.1.25",
"status": "affected",
"version": "N/A",
"versionType": "semver"
},
{
"lessThan": "1.19.0",
"status": "affected",
"version": "N/A",
"versionType": "semver"
},
{
"lessThan": "1.12.0",
"status": "affected",
"version": "N/A",
"versionType": "semver"
},
{
"lessThan": "1.13.0",
"status": "affected",
"version": "N/A",
"versionType": "semver"
},
{
"lessThan": "2.18.0",
"status": "affected",
"version": "N/A",
"versionType": "semver"
},
{
"lessThan": "2.7.0",
"status": "affected",
"version": "N/A",
"versionType": "semver"
},
{
"lessThan": "1.16.0",
"status": "affected",
"version": "N/A",
"versionType": "semver"
},
{
"lessThan": "2.6.0",
"status": "affected",
"version": "N/A",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Dell Technologies would like to thank Eason for reporting this issue"
}
],
"datePublic": "2024-06-11T06:30:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Dell Client Platform BIOS contains an Improper Input Validation vulnerability in an externally developed component. A high privileged attacker with local access could potentially exploit this vulnerability, leading to Code execution."
}
],
"value": "Dell Client Platform BIOS contains an Improper Input Validation vulnerability in an externally developed component. A high privileged attacker with local access could potentially exploit this vulnerability, leading to Code execution."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-20",
"description": "CWE-20: Improper Input Validation",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-06-13T12:48:29.724Z",
"orgId": "c550e75a-17ff-4988-97f0-544cde3820fe",
"shortName": "dell"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://www.dell.com/support/kbdoc/en-us/000223439/dsa-2024-124"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "c550e75a-17ff-4988-97f0-544cde3820fe",
"assignerShortName": "dell",
"cveId": "CVE-2024-32858",
"datePublished": "2024-06-13T12:48:29.724Z",
"dateReserved": "2024-04-19T09:34:13.527Z",
"dateUpdated": "2024-08-02T02:20:35.666Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-32859 (GCVE-0-2024-32859)
Vulnerability from cvelistv5 – Published: 2024-06-13 12:39 – Updated: 2024-08-02 02:20
VLAI?
Summary
Dell Client Platform BIOS contains an Improper Input Validation vulnerability in an externally developed component. A high privileged attacker with local access could potentially exploit this vulnerability, leading to Code execution.
Severity ?
7.5 (High)
CWE
- CWE-20 - Improper Input Validation
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Dell | CPG BIOS |
Affected:
N/A , < 2.8.0
(semver)
Affected: N/A , < 1.0.24 (semver) Affected: N/A , < 1.1.25 (semver) Affected: N/A , < 1.19.0 (semver) Affected: N/A , < 1.12.0 (semver) Affected: N/A , < 1.13.0 (semver) Affected: N/A , < 2.18.0 (semver) Affected: N/A , < 2.7.0 (semver) Affected: N/A , < 1.16.0 (semver) Affected: N/A , < 2.6.0 (semver) |
Credits
Dell Technologies would like to thank Eason for reporting this issue
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:o:dell:alienware_aurora_r15_amd_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "alienware_aurora_r15_amd_firmware",
"vendor": "dell",
"versions": [
{
"lessThan": "1.13.0",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"cpes": [
"cpe:2.3:o:dell:alienware_aurora_r16_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "alienware_aurora_r16_firmware",
"vendor": "dell",
"versions": [
{
"lessThan": "2.7.0",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"cpes": [
"cpe:2.3:o:dell:alienware_aurora_r10_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "alienware_aurora_r10_firmware",
"vendor": "dell",
"versions": [
{
"lessThan": "2.8.0",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"cpes": [
"cpe:2.3:o:dell:alienware_aurora_r11_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "alienware_aurora_r11_firmware",
"vendor": "dell",
"versions": [
{
"lessThan": "1.0.24",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"cpes": [
"cpe:2.3:o:dell:alienware_aurora_r12_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "alienware_aurora_r12_firmware",
"vendor": "dell",
"versions": [
{
"lessThan": "1.1.25",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"cpes": [
"cpe:2.3:o:dell:alienware_aurora_r13_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "alienware_aurora_r13_firmware",
"vendor": "dell",
"versions": [
{
"lessThan": "1.19.0",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"cpes": [
"cpe:2.3:o:dell:alienware_aurora_r14_ryzen_edition_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "alienware_aurora_r14_ryzen_edition_firmware",
"vendor": "dell",
"versions": [
{
"lessThan": "2.18.0",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"cpes": [
"cpe:2.3:o:dell:alienware_aurora_r15_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "alienware_aurora_r15_firmware",
"vendor": "dell",
"versions": [
{
"lessThan": "1.12.0",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"cpes": [
"cpe:2.3:o:dell:inspiron_3502_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "inspiron_3502_firmware",
"vendor": "dell",
"versions": [
{
"lessThan": "1.16.0",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"cpes": [
"cpe:2.3:o:dell:xps_8950_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "xps_8950_firmware",
"vendor": "dell",
"versions": [
{
"lessThan": "1.19.0",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"cpes": [
"cpe:2.3:o:dell:xps_8960_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "xps_8960_firmware",
"vendor": "dell",
"versions": [
{
"lessThan": "2.6.0",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-32859",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-06-13T13:39:08.008139Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-13T16:01:53.774Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T02:20:35.656Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://www.dell.com/support/kbdoc/en-us/000223439/dsa-2024-124"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "CPG BIOS",
"vendor": "Dell",
"versions": [
{
"lessThan": "2.8.0",
"status": "affected",
"version": "N/A",
"versionType": "semver"
},
{
"lessThan": "1.0.24",
"status": "affected",
"version": "N/A",
"versionType": "semver"
},
{
"lessThan": "1.1.25",
"status": "affected",
"version": "N/A",
"versionType": "semver"
},
{
"lessThan": "1.19.0",
"status": "affected",
"version": "N/A",
"versionType": "semver"
},
{
"lessThan": "1.12.0",
"status": "affected",
"version": "N/A",
"versionType": "semver"
},
{
"lessThan": "1.13.0",
"status": "affected",
"version": "N/A",
"versionType": "semver"
},
{
"lessThan": "2.18.0",
"status": "affected",
"version": "N/A",
"versionType": "semver"
},
{
"lessThan": "2.7.0",
"status": "affected",
"version": "N/A",
"versionType": "semver"
},
{
"lessThan": "1.16.0",
"status": "affected",
"version": "N/A",
"versionType": "semver"
},
{
"lessThan": "2.6.0",
"status": "affected",
"version": "N/A",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Dell Technologies would like to thank Eason for reporting this issue"
}
],
"datePublic": "2024-06-11T06:30:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Dell Client Platform BIOS contains an Improper Input Validation vulnerability in an externally developed component. A high privileged attacker with local access could potentially exploit this vulnerability, leading to Code execution."
}
],
"value": "Dell Client Platform BIOS contains an Improper Input Validation vulnerability in an externally developed component. A high privileged attacker with local access could potentially exploit this vulnerability, leading to Code execution."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-20",
"description": "CWE-20: Improper Input Validation",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-06-13T12:39:41.863Z",
"orgId": "c550e75a-17ff-4988-97f0-544cde3820fe",
"shortName": "dell"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://www.dell.com/support/kbdoc/en-us/000223439/dsa-2024-124"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "c550e75a-17ff-4988-97f0-544cde3820fe",
"assignerShortName": "dell",
"cveId": "CVE-2024-32859",
"datePublished": "2024-06-13T12:39:41.863Z",
"dateReserved": "2024-04-19T09:34:13.527Z",
"dateUpdated": "2024-08-02T02:20:35.656Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-32856 (GCVE-0-2024-32856)
Vulnerability from cvelistv5 – Published: 2024-06-13 11:51 – Updated: 2024-08-02 02:20
VLAI?
Summary
Dell Client Platform BIOS contains an Improper Input Validation vulnerability in an externally developed component. A high privileged attacker with local access could potentially exploit this vulnerability, leading to Information disclosure.
Severity ?
5.1 (Medium)
CWE
- CWE-20 - Improper Input Validation
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Dell | CPG BIOS |
Affected:
N/A , < 2.8.0
(semver)
Affected: N/A , < 1.0.24 (semver) Affected: N/A , < 1.1.25 (semver) Affected: N/A , < 1.19.0 (semver) Affected: N/A , < 1.12.0 (semver) Affected: N/A , < 1.13.0 (semver) Affected: N/A , < 2.18.0 (semver) Affected: N/A , < 2.7.0 (semver) Affected: N/A , < 1.16.0 (semver) |
Credits
Dell Technologies would like to thank Eason for reporting this issue.
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-32856",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-07-17T13:07:26.971457Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-07-17T13:07:31.325Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T02:20:35.591Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://www.dell.com/support/kbdoc/en-us/000221745/dsa-2024-067"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "CPG BIOS",
"vendor": "Dell",
"versions": [
{
"lessThan": "2.8.0",
"status": "affected",
"version": "N/A",
"versionType": "semver"
},
{
"lessThan": "1.0.24",
"status": "affected",
"version": "N/A",
"versionType": "semver"
},
{
"lessThan": "1.1.25",
"status": "affected",
"version": "N/A",
"versionType": "semver"
},
{
"lessThan": "1.19.0",
"status": "affected",
"version": "N/A",
"versionType": "semver"
},
{
"lessThan": "1.12.0",
"status": "affected",
"version": "N/A",
"versionType": "semver"
},
{
"lessThan": "1.13.0",
"status": "affected",
"version": "N/A",
"versionType": "semver"
},
{
"lessThan": "2.18.0",
"status": "affected",
"version": "N/A",
"versionType": "semver"
},
{
"lessThan": "2.7.0",
"status": "affected",
"version": "N/A",
"versionType": "semver"
},
{
"lessThan": "1.16.0",
"status": "affected",
"version": "N/A",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Dell Technologies would like to thank Eason for reporting this issue."
}
],
"datePublic": "2024-06-11T06:30:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Dell Client Platform BIOS contains an Improper Input Validation vulnerability in an externally developed component. A high privileged attacker with local access could potentially exploit this vulnerability, leading to Information disclosure."
}
],
"value": "Dell Client Platform BIOS contains an Improper Input Validation vulnerability in an externally developed component. A high privileged attacker with local access could potentially exploit this vulnerability, leading to Information disclosure."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "LOW",
"baseScore": 5.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:L",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-20",
"description": "CWE-20: Improper Input Validation",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-06-13T11:51:03.183Z",
"orgId": "c550e75a-17ff-4988-97f0-544cde3820fe",
"shortName": "dell"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://www.dell.com/support/kbdoc/en-us/000221745/dsa-2024-067"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "c550e75a-17ff-4988-97f0-544cde3820fe",
"assignerShortName": "dell",
"cveId": "CVE-2024-32856",
"datePublished": "2024-06-13T11:51:03.183Z",
"dateReserved": "2024-04-19T09:34:13.526Z",
"dateUpdated": "2024-08-02T02:20:35.591Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-32475 (GCVE-0-2023-32475)
Vulnerability from cvelistv5 – Published: 2024-06-07 02:13 – Updated: 2024-08-02 15:18
VLAI?
Summary
Dell BIOS contains a missing support for integrity check vulnerability. An attacker with physical access to the system could potentially bypass security mechanisms to run arbitrary code on the system.
Severity ?
7.6 (High)
CWE
- CWE-353 - Missing Support for Integrity Check
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Dell | CPG BIOS |
Affected:
N/A , < 2.6.0
(semver)
Affected: N/A , < 1.13.0 (semver) Unaffected: N/A , < 2.16.0 (semver) Affected: N/A , < 1.15.0 (semver) Affected: N/A , < 1.16.0 (semver) Affected: N/A , < 1.9.0 (semver) Affected: N/A , < 1.5.0 (semver) Affected: N/A , < 1.18.0 (semver) Affected: N/A , < 1.8.0 (semver) Affected: N/A , < 1.15.1 (semver) Affected: N/A , < 1.12.0 (semver) Affected: N/A , < 1.17.0 (semver) Affected: N/A , < 1.14.0 (semver) Affected: N/A , < 1.19.0 (semver) |
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:o:dell:cpg_bios:*:*:*:*:*:*:*:*"
],
"defaultStatus": "affected",
"product": "cpg_bios",
"vendor": "dell",
"versions": [
{
"lessThanOrEqual": "2.6",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-32475",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-06-07T16:59:56.060370Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-07T17:00:46.144Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T15:18:37.099Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://www.dell.com/support/kbdoc/en-us/000215644/dsa-2023-222-security-update-for-an-amd-bios-vulnerability"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "CPG BIOS",
"vendor": "Dell",
"versions": [
{
"lessThan": "2.6.0",
"status": "affected",
"version": "N/A",
"versionType": "semver"
},
{
"lessThan": "1.13.0",
"status": "affected",
"version": "N/A",
"versionType": "semver"
},
{
"lessThan": "2.16.0",
"status": "unaffected",
"version": "N/A",
"versionType": "semver"
},
{
"lessThan": "1.15.0",
"status": "affected",
"version": "N/A",
"versionType": "semver"
},
{
"lessThan": "1.16.0",
"status": "affected",
"version": "N/A",
"versionType": "semver"
},
{
"lessThan": "1.9.0",
"status": "affected",
"version": "N/A",
"versionType": "semver"
},
{
"lessThan": "1.5.0",
"status": "affected",
"version": "N/A",
"versionType": "semver"
},
{
"lessThan": "1.18.0",
"status": "affected",
"version": "N/A",
"versionType": "semver"
},
{
"lessThan": "1.8.0",
"status": "affected",
"version": "N/A",
"versionType": "semver"
},
{
"lessThan": "1.15.1",
"status": "affected",
"version": "N/A",
"versionType": "semver"
},
{
"lessThan": "1.12.0",
"status": "affected",
"version": "N/A",
"versionType": "semver"
},
{
"lessThan": "1.17.0",
"status": "affected",
"version": "N/A",
"versionType": "semver"
},
{
"lessThan": "1.14.0",
"status": "affected",
"version": "N/A",
"versionType": "semver"
},
{
"lessThan": "1.19.0",
"status": "affected",
"version": "N/A",
"versionType": "semver"
}
]
}
],
"datePublic": "2023-12-12T06:30:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Dell BIOS contains a missing support for integrity check vulnerability. An attacker with physical access to the system could potentially bypass security mechanisms to run arbitrary code on the system."
}
],
"value": "Dell BIOS contains a missing support for integrity check vulnerability. An attacker with physical access to the system could potentially bypass security mechanisms to run arbitrary code on the system."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "PHYSICAL",
"availabilityImpact": "HIGH",
"baseScore": 7.6,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-353",
"description": "CWE-353: Missing Support for Integrity Check",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-06-07T02:13:17.515Z",
"orgId": "c550e75a-17ff-4988-97f0-544cde3820fe",
"shortName": "dell"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://www.dell.com/support/kbdoc/en-us/000215644/dsa-2023-222-security-update-for-an-amd-bios-vulnerability"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "c550e75a-17ff-4988-97f0-544cde3820fe",
"assignerShortName": "dell",
"cveId": "CVE-2023-32475",
"datePublished": "2024-06-07T02:13:17.515Z",
"dateReserved": "2023-05-09T06:07:41.365Z",
"dateUpdated": "2024-08-02T15:18:37.099Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-39584 (GCVE-0-2024-39584)
Vulnerability from nvd – Published: 2024-08-28 05:46 – Updated: 2024-08-28 14:15
VLAI?
Summary
Dell Client Platform BIOS contains a Use of Default Cryptographic Key Vulnerability. A high privileged attacker with local access could potentially exploit this vulnerability, leading to Secure Boot bypass and arbitrary code execution.
Severity ?
8.2 (High)
CWE
- CWE-1392 - Use of Default Credentials
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Dell | Dell Client Platform BIOS |
Affected:
N/A , < 1.29.0
(semver)
Affected: N/A , < 1.15.0 (semver) Affected: N/A , < 1.21.0 (semver) Affected: N/A , < 1.24.0 (semver) |
Credits
CVE-2024-39584: Dell Technologies would like to thank BINARLY REsearch team for reporting this issue.
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:o:dell:alienware_area_51m_r2_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:dell:alienware_m15_r3_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:dell:alienware_m17_r3_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "alienware_m17_r3_firmware",
"vendor": "dell",
"versions": [
{
"lessThan": "1.29.0",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"cpes": [
"cpe:2.3:o:dell:alienware_aurora_r15_amd_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "alienware_aurora_r15_amd_firmware",
"vendor": "dell",
"versions": [
{
"lessThan": "1.15.0",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"cpes": [
"cpe:2.3:o:dell:alienware_x14_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "alienware_x14_firmware",
"vendor": "dell",
"versions": [
{
"lessThan": "1.21.0",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"cpes": [
"cpe:2.3:o:dell:alienware_x17_r1_firmware:*:*:*:*:*:*:*:*",
"cpe:2.3:o:dell:alienware_x15_r1_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "alienware_x15_r1_firmware",
"vendor": "dell",
"versions": [
{
"lessThan": "1.24.0",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-39584",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-08-28T14:02:49.780082Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-08-28T14:15:01.978Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Dell Client Platform BIOS",
"vendor": "Dell",
"versions": [
{
"lessThan": "1.29.0",
"status": "affected",
"version": "N/A",
"versionType": "semver"
},
{
"lessThan": "1.15.0",
"status": "affected",
"version": "N/A",
"versionType": "semver"
},
{
"lessThan": "1.21.0",
"status": "affected",
"version": "N/A",
"versionType": "semver"
},
{
"lessThan": "1.24.0",
"status": "affected",
"version": "N/A",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "CVE-2024-39584: Dell Technologies would like to thank BINARLY REsearch team for reporting this issue."
}
],
"datePublic": "2024-08-27T06:30:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Dell Client Platform BIOS contains a Use of Default Cryptographic Key Vulnerability. A high privileged attacker with local access could potentially exploit this vulnerability, leading to Secure Boot bypass and arbitrary code execution."
}
],
"value": "Dell Client Platform BIOS contains a Use of Default Cryptographic Key Vulnerability. A high privileged attacker with local access could potentially exploit this vulnerability, leading to Secure Boot bypass and arbitrary code execution."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 8.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-1392",
"description": "CWE-1392: Use of Default Credentials",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-08-28T05:46:40.013Z",
"orgId": "c550e75a-17ff-4988-97f0-544cde3820fe",
"shortName": "dell"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://www.dell.com/support/kbdoc/en-us/000227594/dsa-2024-354"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "c550e75a-17ff-4988-97f0-544cde3820fe",
"assignerShortName": "dell",
"cveId": "CVE-2024-39584",
"datePublished": "2024-08-28T05:46:40.013Z",
"dateReserved": "2024-06-26T02:16:08.993Z",
"dateUpdated": "2024-08-28T14:15:01.978Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-32860 (GCVE-0-2024-32860)
Vulnerability from nvd – Published: 2024-06-13 13:00 – Updated: 2024-08-02 02:20
VLAI?
Summary
Dell Client Platform BIOS contains an Improper Input Validation vulnerability in an externally developed component. A high privileged attacker with local access could potentially exploit this vulnerability, leading to Code execution.
Severity ?
7.5 (High)
CWE
- CWE-20 - Improper Input Validation
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Dell | CPG BIOS |
Affected:
N/A , < 1.0.24
(semver)
Affected: N/A , < 1.1.25 (semver) Affected: N/A , < 1.19.0 (semver) Affected: N/A , < 1.12.0 (semver) Affected: N/A , < 1.13.0 (semver) Affected: N/A , < 2.18.0 (semver) Affected: N/A , < 2.7.0 (semver) Affected: N/A , < 1.16.0 (semver) Affected: N/A , < 2.6.0 (semver) |
Credits
Dell Technologies would like to thank Eason for reporting this issue.
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:o:dell:cpg_bios:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "cpg_bios",
"vendor": "dell",
"versions": [
{
"lessThan": "1.0.24",
"status": "affected",
"version": "0",
"versionType": "semver"
},
{
"lessThan": "1.1.25",
"status": "affected",
"version": "0",
"versionType": "semver"
},
{
"lessThan": "1.19.0",
"status": "affected",
"version": "0",
"versionType": "semver"
},
{
"lessThan": "1.12.0",
"status": "affected",
"version": "0",
"versionType": "semver"
},
{
"lessThan": "1.13.0",
"status": "affected",
"version": "0",
"versionType": "semver"
},
{
"lessThan": "2.18.0",
"status": "affected",
"version": "0",
"versionType": "semver"
},
{
"lessThan": "2.7.0",
"status": "affected",
"version": "0",
"versionType": "semver"
},
{
"lessThan": "1.16.0",
"status": "affected",
"version": "0",
"versionType": "semver"
},
{
"lessThan": "2.6.0",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-32860",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-06-20T13:49:01.558476Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-20T14:48:48.914Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T02:20:35.674Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://www.dell.com/support/kbdoc/en-us/000223440/dsa-2024-125"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "CPG BIOS",
"vendor": "Dell",
"versions": [
{
"lessThan": "1.0.24",
"status": "affected",
"version": "N/A",
"versionType": "semver"
},
{
"lessThan": "1.1.25",
"status": "affected",
"version": "N/A",
"versionType": "semver"
},
{
"lessThan": "1.19.0",
"status": "affected",
"version": "N/A",
"versionType": "semver"
},
{
"lessThan": "1.12.0",
"status": "affected",
"version": "N/A",
"versionType": "semver"
},
{
"lessThan": "1.13.0",
"status": "affected",
"version": "N/A",
"versionType": "semver"
},
{
"lessThan": "2.18.0",
"status": "affected",
"version": "N/A",
"versionType": "semver"
},
{
"lessThan": "2.7.0",
"status": "affected",
"version": "N/A",
"versionType": "semver"
},
{
"lessThan": "1.16.0",
"status": "affected",
"version": "N/A",
"versionType": "semver"
},
{
"lessThan": "2.6.0",
"status": "affected",
"version": "N/A",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Dell Technologies would like to thank Eason for reporting this issue."
}
],
"datePublic": "2024-06-11T06:30:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Dell Client Platform BIOS contains an Improper Input Validation vulnerability in an externally developed component. A high privileged attacker with local access could potentially exploit this vulnerability, leading to Code execution."
}
],
"value": "Dell Client Platform BIOS contains an Improper Input Validation vulnerability in an externally developed component. A high privileged attacker with local access could potentially exploit this vulnerability, leading to Code execution."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-20",
"description": "CWE-20: Improper Input Validation",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-06-13T13:00:19.384Z",
"orgId": "c550e75a-17ff-4988-97f0-544cde3820fe",
"shortName": "dell"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://www.dell.com/support/kbdoc/en-us/000223440/dsa-2024-125"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "c550e75a-17ff-4988-97f0-544cde3820fe",
"assignerShortName": "dell",
"cveId": "CVE-2024-32860",
"datePublished": "2024-06-13T13:00:19.384Z",
"dateReserved": "2024-04-19T09:34:13.527Z",
"dateUpdated": "2024-08-02T02:20:35.674Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-32858 (GCVE-0-2024-32858)
Vulnerability from nvd – Published: 2024-06-13 12:48 – Updated: 2024-08-02 02:20
VLAI?
Summary
Dell Client Platform BIOS contains an Improper Input Validation vulnerability in an externally developed component. A high privileged attacker with local access could potentially exploit this vulnerability, leading to Code execution.
Severity ?
7.5 (High)
CWE
- CWE-20 - Improper Input Validation
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Dell | CPG BIOS |
Affected:
N/A , < 2.8.0
(semver)
Affected: N/A , < 1.0.24 (semver) Affected: N/A , < 1.1.25 (semver) Affected: N/A , < 1.19.0 (semver) Affected: N/A , < 1.12.0 (semver) Affected: N/A , < 1.13.0 (semver) Affected: N/A , < 2.18.0 (semver) Affected: N/A , < 2.7.0 (semver) Affected: N/A , < 1.16.0 (semver) Affected: N/A , < 2.6.0 (semver) |
Credits
Dell Technologies would like to thank Eason for reporting this issue
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:o:dell:alienware_aurora_r10_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "alienware_aurora_r10_firmware",
"vendor": "dell",
"versions": [
{
"lessThan": "2.8.0",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"cpes": [
"cpe:2.3:o:dell:alienware_aurora_r11_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "alienware_aurora_r11_firmware",
"vendor": "dell",
"versions": [
{
"lessThan": "1.0.24",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"cpes": [
"cpe:2.3:o:dell:alienware_aurora_r12_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "alienware_aurora_r12_firmware",
"vendor": "dell",
"versions": [
{
"lessThan": "1.1.25",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"cpes": [
"cpe:2.3:o:dell:alienware_aurora_r13_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "alienware_aurora_r13_firmware",
"vendor": "dell",
"versions": [
{
"lessThan": "1.19.0",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"cpes": [
"cpe:2.3:o:dell:alienware_aurora_r14_ryzen_edition_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "alienware_aurora_r14_ryzen_edition_firmware",
"vendor": "dell",
"versions": [
{
"lessThan": "2.18.0",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"cpes": [
"cpe:2.3:o:dell:alienware_aurora_r15_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "alienware_aurora_r15_firmware",
"vendor": "dell",
"versions": [
{
"lessThan": "1.12.0",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"cpes": [
"cpe:2.3:o:dell:alienware_aurora_r15_amd_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "alienware_aurora_r15_amd_firmware",
"vendor": "dell",
"versions": [
{
"lessThan": "1.13.0",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"cpes": [
"cpe:2.3:o:dell:alienware_aurora_r16_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "alienware_aurora_r16_firmware",
"vendor": "dell",
"versions": [
{
"lessThan": "2.7.0",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"cpes": [
"cpe:2.3:o:dell:inspiron_3502_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "inspiron_3502_firmware",
"vendor": "dell",
"versions": [
{
"lessThan": "1.16.0",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"cpes": [
"cpe:2.3:o:dell:xps_8950_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "xps_8950_firmware",
"vendor": "dell",
"versions": [
{
"lessThan": "1.19.0",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"cpes": [
"cpe:2.3:o:dell:xps_8960_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "xps_8960_firmware",
"vendor": "dell",
"versions": [
{
"lessThan": "2.6.0",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-32858",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-06-13T13:37:43.257078Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-13T16:09:43.292Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T02:20:35.666Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://www.dell.com/support/kbdoc/en-us/000223439/dsa-2024-124"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "CPG BIOS",
"vendor": "Dell",
"versions": [
{
"lessThan": "2.8.0",
"status": "affected",
"version": "N/A",
"versionType": "semver"
},
{
"lessThan": "1.0.24",
"status": "affected",
"version": "N/A",
"versionType": "semver"
},
{
"lessThan": "1.1.25",
"status": "affected",
"version": "N/A",
"versionType": "semver"
},
{
"lessThan": "1.19.0",
"status": "affected",
"version": "N/A",
"versionType": "semver"
},
{
"lessThan": "1.12.0",
"status": "affected",
"version": "N/A",
"versionType": "semver"
},
{
"lessThan": "1.13.0",
"status": "affected",
"version": "N/A",
"versionType": "semver"
},
{
"lessThan": "2.18.0",
"status": "affected",
"version": "N/A",
"versionType": "semver"
},
{
"lessThan": "2.7.0",
"status": "affected",
"version": "N/A",
"versionType": "semver"
},
{
"lessThan": "1.16.0",
"status": "affected",
"version": "N/A",
"versionType": "semver"
},
{
"lessThan": "2.6.0",
"status": "affected",
"version": "N/A",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Dell Technologies would like to thank Eason for reporting this issue"
}
],
"datePublic": "2024-06-11T06:30:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Dell Client Platform BIOS contains an Improper Input Validation vulnerability in an externally developed component. A high privileged attacker with local access could potentially exploit this vulnerability, leading to Code execution."
}
],
"value": "Dell Client Platform BIOS contains an Improper Input Validation vulnerability in an externally developed component. A high privileged attacker with local access could potentially exploit this vulnerability, leading to Code execution."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-20",
"description": "CWE-20: Improper Input Validation",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-06-13T12:48:29.724Z",
"orgId": "c550e75a-17ff-4988-97f0-544cde3820fe",
"shortName": "dell"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://www.dell.com/support/kbdoc/en-us/000223439/dsa-2024-124"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "c550e75a-17ff-4988-97f0-544cde3820fe",
"assignerShortName": "dell",
"cveId": "CVE-2024-32858",
"datePublished": "2024-06-13T12:48:29.724Z",
"dateReserved": "2024-04-19T09:34:13.527Z",
"dateUpdated": "2024-08-02T02:20:35.666Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-32859 (GCVE-0-2024-32859)
Vulnerability from nvd – Published: 2024-06-13 12:39 – Updated: 2024-08-02 02:20
VLAI?
Summary
Dell Client Platform BIOS contains an Improper Input Validation vulnerability in an externally developed component. A high privileged attacker with local access could potentially exploit this vulnerability, leading to Code execution.
Severity ?
7.5 (High)
CWE
- CWE-20 - Improper Input Validation
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Dell | CPG BIOS |
Affected:
N/A , < 2.8.0
(semver)
Affected: N/A , < 1.0.24 (semver) Affected: N/A , < 1.1.25 (semver) Affected: N/A , < 1.19.0 (semver) Affected: N/A , < 1.12.0 (semver) Affected: N/A , < 1.13.0 (semver) Affected: N/A , < 2.18.0 (semver) Affected: N/A , < 2.7.0 (semver) Affected: N/A , < 1.16.0 (semver) Affected: N/A , < 2.6.0 (semver) |
Credits
Dell Technologies would like to thank Eason for reporting this issue
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:o:dell:alienware_aurora_r15_amd_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "alienware_aurora_r15_amd_firmware",
"vendor": "dell",
"versions": [
{
"lessThan": "1.13.0",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"cpes": [
"cpe:2.3:o:dell:alienware_aurora_r16_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "alienware_aurora_r16_firmware",
"vendor": "dell",
"versions": [
{
"lessThan": "2.7.0",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"cpes": [
"cpe:2.3:o:dell:alienware_aurora_r10_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "alienware_aurora_r10_firmware",
"vendor": "dell",
"versions": [
{
"lessThan": "2.8.0",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"cpes": [
"cpe:2.3:o:dell:alienware_aurora_r11_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "alienware_aurora_r11_firmware",
"vendor": "dell",
"versions": [
{
"lessThan": "1.0.24",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"cpes": [
"cpe:2.3:o:dell:alienware_aurora_r12_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "alienware_aurora_r12_firmware",
"vendor": "dell",
"versions": [
{
"lessThan": "1.1.25",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"cpes": [
"cpe:2.3:o:dell:alienware_aurora_r13_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "alienware_aurora_r13_firmware",
"vendor": "dell",
"versions": [
{
"lessThan": "1.19.0",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"cpes": [
"cpe:2.3:o:dell:alienware_aurora_r14_ryzen_edition_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "alienware_aurora_r14_ryzen_edition_firmware",
"vendor": "dell",
"versions": [
{
"lessThan": "2.18.0",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"cpes": [
"cpe:2.3:o:dell:alienware_aurora_r15_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "alienware_aurora_r15_firmware",
"vendor": "dell",
"versions": [
{
"lessThan": "1.12.0",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"cpes": [
"cpe:2.3:o:dell:inspiron_3502_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "inspiron_3502_firmware",
"vendor": "dell",
"versions": [
{
"lessThan": "1.16.0",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"cpes": [
"cpe:2.3:o:dell:xps_8950_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "xps_8950_firmware",
"vendor": "dell",
"versions": [
{
"lessThan": "1.19.0",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"cpes": [
"cpe:2.3:o:dell:xps_8960_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "xps_8960_firmware",
"vendor": "dell",
"versions": [
{
"lessThan": "2.6.0",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-32859",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-06-13T13:39:08.008139Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-13T16:01:53.774Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T02:20:35.656Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://www.dell.com/support/kbdoc/en-us/000223439/dsa-2024-124"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "CPG BIOS",
"vendor": "Dell",
"versions": [
{
"lessThan": "2.8.0",
"status": "affected",
"version": "N/A",
"versionType": "semver"
},
{
"lessThan": "1.0.24",
"status": "affected",
"version": "N/A",
"versionType": "semver"
},
{
"lessThan": "1.1.25",
"status": "affected",
"version": "N/A",
"versionType": "semver"
},
{
"lessThan": "1.19.0",
"status": "affected",
"version": "N/A",
"versionType": "semver"
},
{
"lessThan": "1.12.0",
"status": "affected",
"version": "N/A",
"versionType": "semver"
},
{
"lessThan": "1.13.0",
"status": "affected",
"version": "N/A",
"versionType": "semver"
},
{
"lessThan": "2.18.0",
"status": "affected",
"version": "N/A",
"versionType": "semver"
},
{
"lessThan": "2.7.0",
"status": "affected",
"version": "N/A",
"versionType": "semver"
},
{
"lessThan": "1.16.0",
"status": "affected",
"version": "N/A",
"versionType": "semver"
},
{
"lessThan": "2.6.0",
"status": "affected",
"version": "N/A",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Dell Technologies would like to thank Eason for reporting this issue"
}
],
"datePublic": "2024-06-11T06:30:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Dell Client Platform BIOS contains an Improper Input Validation vulnerability in an externally developed component. A high privileged attacker with local access could potentially exploit this vulnerability, leading to Code execution."
}
],
"value": "Dell Client Platform BIOS contains an Improper Input Validation vulnerability in an externally developed component. A high privileged attacker with local access could potentially exploit this vulnerability, leading to Code execution."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-20",
"description": "CWE-20: Improper Input Validation",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-06-13T12:39:41.863Z",
"orgId": "c550e75a-17ff-4988-97f0-544cde3820fe",
"shortName": "dell"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://www.dell.com/support/kbdoc/en-us/000223439/dsa-2024-124"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "c550e75a-17ff-4988-97f0-544cde3820fe",
"assignerShortName": "dell",
"cveId": "CVE-2024-32859",
"datePublished": "2024-06-13T12:39:41.863Z",
"dateReserved": "2024-04-19T09:34:13.527Z",
"dateUpdated": "2024-08-02T02:20:35.656Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-32856 (GCVE-0-2024-32856)
Vulnerability from nvd – Published: 2024-06-13 11:51 – Updated: 2024-08-02 02:20
VLAI?
Summary
Dell Client Platform BIOS contains an Improper Input Validation vulnerability in an externally developed component. A high privileged attacker with local access could potentially exploit this vulnerability, leading to Information disclosure.
Severity ?
5.1 (Medium)
CWE
- CWE-20 - Improper Input Validation
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Dell | CPG BIOS |
Affected:
N/A , < 2.8.0
(semver)
Affected: N/A , < 1.0.24 (semver) Affected: N/A , < 1.1.25 (semver) Affected: N/A , < 1.19.0 (semver) Affected: N/A , < 1.12.0 (semver) Affected: N/A , < 1.13.0 (semver) Affected: N/A , < 2.18.0 (semver) Affected: N/A , < 2.7.0 (semver) Affected: N/A , < 1.16.0 (semver) |
Credits
Dell Technologies would like to thank Eason for reporting this issue.
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-32856",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-07-17T13:07:26.971457Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-07-17T13:07:31.325Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T02:20:35.591Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://www.dell.com/support/kbdoc/en-us/000221745/dsa-2024-067"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "CPG BIOS",
"vendor": "Dell",
"versions": [
{
"lessThan": "2.8.0",
"status": "affected",
"version": "N/A",
"versionType": "semver"
},
{
"lessThan": "1.0.24",
"status": "affected",
"version": "N/A",
"versionType": "semver"
},
{
"lessThan": "1.1.25",
"status": "affected",
"version": "N/A",
"versionType": "semver"
},
{
"lessThan": "1.19.0",
"status": "affected",
"version": "N/A",
"versionType": "semver"
},
{
"lessThan": "1.12.0",
"status": "affected",
"version": "N/A",
"versionType": "semver"
},
{
"lessThan": "1.13.0",
"status": "affected",
"version": "N/A",
"versionType": "semver"
},
{
"lessThan": "2.18.0",
"status": "affected",
"version": "N/A",
"versionType": "semver"
},
{
"lessThan": "2.7.0",
"status": "affected",
"version": "N/A",
"versionType": "semver"
},
{
"lessThan": "1.16.0",
"status": "affected",
"version": "N/A",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Dell Technologies would like to thank Eason for reporting this issue."
}
],
"datePublic": "2024-06-11T06:30:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Dell Client Platform BIOS contains an Improper Input Validation vulnerability in an externally developed component. A high privileged attacker with local access could potentially exploit this vulnerability, leading to Information disclosure."
}
],
"value": "Dell Client Platform BIOS contains an Improper Input Validation vulnerability in an externally developed component. A high privileged attacker with local access could potentially exploit this vulnerability, leading to Information disclosure."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "LOW",
"baseScore": 5.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:L",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-20",
"description": "CWE-20: Improper Input Validation",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-06-13T11:51:03.183Z",
"orgId": "c550e75a-17ff-4988-97f0-544cde3820fe",
"shortName": "dell"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://www.dell.com/support/kbdoc/en-us/000221745/dsa-2024-067"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "c550e75a-17ff-4988-97f0-544cde3820fe",
"assignerShortName": "dell",
"cveId": "CVE-2024-32856",
"datePublished": "2024-06-13T11:51:03.183Z",
"dateReserved": "2024-04-19T09:34:13.526Z",
"dateUpdated": "2024-08-02T02:20:35.591Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-32475 (GCVE-0-2023-32475)
Vulnerability from nvd – Published: 2024-06-07 02:13 – Updated: 2024-08-02 15:18
VLAI?
Summary
Dell BIOS contains a missing support for integrity check vulnerability. An attacker with physical access to the system could potentially bypass security mechanisms to run arbitrary code on the system.
Severity ?
7.6 (High)
CWE
- CWE-353 - Missing Support for Integrity Check
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Dell | CPG BIOS |
Affected:
N/A , < 2.6.0
(semver)
Affected: N/A , < 1.13.0 (semver) Unaffected: N/A , < 2.16.0 (semver) Affected: N/A , < 1.15.0 (semver) Affected: N/A , < 1.16.0 (semver) Affected: N/A , < 1.9.0 (semver) Affected: N/A , < 1.5.0 (semver) Affected: N/A , < 1.18.0 (semver) Affected: N/A , < 1.8.0 (semver) Affected: N/A , < 1.15.1 (semver) Affected: N/A , < 1.12.0 (semver) Affected: N/A , < 1.17.0 (semver) Affected: N/A , < 1.14.0 (semver) Affected: N/A , < 1.19.0 (semver) |
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:o:dell:cpg_bios:*:*:*:*:*:*:*:*"
],
"defaultStatus": "affected",
"product": "cpg_bios",
"vendor": "dell",
"versions": [
{
"lessThanOrEqual": "2.6",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-32475",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-06-07T16:59:56.060370Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-07T17:00:46.144Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T15:18:37.099Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://www.dell.com/support/kbdoc/en-us/000215644/dsa-2023-222-security-update-for-an-amd-bios-vulnerability"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "CPG BIOS",
"vendor": "Dell",
"versions": [
{
"lessThan": "2.6.0",
"status": "affected",
"version": "N/A",
"versionType": "semver"
},
{
"lessThan": "1.13.0",
"status": "affected",
"version": "N/A",
"versionType": "semver"
},
{
"lessThan": "2.16.0",
"status": "unaffected",
"version": "N/A",
"versionType": "semver"
},
{
"lessThan": "1.15.0",
"status": "affected",
"version": "N/A",
"versionType": "semver"
},
{
"lessThan": "1.16.0",
"status": "affected",
"version": "N/A",
"versionType": "semver"
},
{
"lessThan": "1.9.0",
"status": "affected",
"version": "N/A",
"versionType": "semver"
},
{
"lessThan": "1.5.0",
"status": "affected",
"version": "N/A",
"versionType": "semver"
},
{
"lessThan": "1.18.0",
"status": "affected",
"version": "N/A",
"versionType": "semver"
},
{
"lessThan": "1.8.0",
"status": "affected",
"version": "N/A",
"versionType": "semver"
},
{
"lessThan": "1.15.1",
"status": "affected",
"version": "N/A",
"versionType": "semver"
},
{
"lessThan": "1.12.0",
"status": "affected",
"version": "N/A",
"versionType": "semver"
},
{
"lessThan": "1.17.0",
"status": "affected",
"version": "N/A",
"versionType": "semver"
},
{
"lessThan": "1.14.0",
"status": "affected",
"version": "N/A",
"versionType": "semver"
},
{
"lessThan": "1.19.0",
"status": "affected",
"version": "N/A",
"versionType": "semver"
}
]
}
],
"datePublic": "2023-12-12T06:30:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Dell BIOS contains a missing support for integrity check vulnerability. An attacker with physical access to the system could potentially bypass security mechanisms to run arbitrary code on the system."
}
],
"value": "Dell BIOS contains a missing support for integrity check vulnerability. An attacker with physical access to the system could potentially bypass security mechanisms to run arbitrary code on the system."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "PHYSICAL",
"availabilityImpact": "HIGH",
"baseScore": 7.6,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-353",
"description": "CWE-353: Missing Support for Integrity Check",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-06-07T02:13:17.515Z",
"orgId": "c550e75a-17ff-4988-97f0-544cde3820fe",
"shortName": "dell"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://www.dell.com/support/kbdoc/en-us/000215644/dsa-2023-222-security-update-for-an-amd-bios-vulnerability"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "c550e75a-17ff-4988-97f0-544cde3820fe",
"assignerShortName": "dell",
"cveId": "CVE-2023-32475",
"datePublished": "2024-06-07T02:13:17.515Z",
"dateReserved": "2023-05-09T06:07:41.365Z",
"dateUpdated": "2024-08-02T15:18:37.099Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}