Vulnerabilites related to dell - aurora_r16
cve-2024-32860
Vulnerability from cvelistv5
Published
2024-06-13 13:00
Modified
2024-08-02 02:20
Summary
Dell Client Platform BIOS contains an Improper Input Validation vulnerability in an externally developed component. A high privileged attacker with local access could potentially exploit this vulnerability, leading to Code execution.
Impacted products
Vendor Product Version
Dell CPG BIOS Version: N/A   
Version: N/A   
Version: N/A   
Version: N/A   
Version: N/A   
Version: N/A   
Version: N/A   
Version: N/A   
Version: N/A   
Show details on NVD website


{
   containers: {
      adp: [
         {
            affected: [
               {
                  cpes: [
                     "cpe:2.3:o:dell:cpg_bios:*:*:*:*:*:*:*:*",
                  ],
                  defaultStatus: "unaffected",
                  product: "cpg_bios",
                  vendor: "dell",
                  versions: [
                     {
                        lessThan: "1.0.24",
                        status: "affected",
                        version: "0",
                        versionType: "semver",
                     },
                     {
                        lessThan: "1.1.25",
                        status: "affected",
                        version: "0",
                        versionType: "semver",
                     },
                     {
                        lessThan: "1.19.0",
                        status: "affected",
                        version: "0",
                        versionType: "semver",
                     },
                     {
                        lessThan: "1.12.0",
                        status: "affected",
                        version: "0",
                        versionType: "semver",
                     },
                     {
                        lessThan: "1.13.0",
                        status: "affected",
                        version: "0",
                        versionType: "semver",
                     },
                     {
                        lessThan: "2.18.0",
                        status: "affected",
                        version: "0",
                        versionType: "semver",
                     },
                     {
                        lessThan: "2.7.0",
                        status: "affected",
                        version: "0",
                        versionType: "semver",
                     },
                     {
                        lessThan: "1.16.0",
                        status: "affected",
                        version: "0",
                        versionType: "semver",
                     },
                     {
                        lessThan: "2.6.0",
                        status: "affected",
                        version: "0",
                        versionType: "semver",
                     },
                  ],
               },
            ],
            metrics: [
               {
                  other: {
                     content: {
                        id: "CVE-2024-32860",
                        options: [
                           {
                              Exploitation: "none",
                           },
                           {
                              Automatable: "no",
                           },
                           {
                              "Technical Impact": "total",
                           },
                        ],
                        role: "CISA Coordinator",
                        timestamp: "2024-06-20T13:49:01.558476Z",
                        version: "2.0.3",
                     },
                     type: "ssvc",
                  },
               },
            ],
            providerMetadata: {
               dateUpdated: "2024-06-20T14:48:48.914Z",
               orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0",
               shortName: "CISA-ADP",
            },
            title: "CISA ADP Vulnrichment",
         },
         {
            providerMetadata: {
               dateUpdated: "2024-08-02T02:20:35.674Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  tags: [
                     "vendor-advisory",
                     "x_transferred",
                  ],
                  url: "https://www.dell.com/support/kbdoc/en-us/000223440/dsa-2024-125",
               },
            ],
            title: "CVE Program Container",
         },
      ],
      cna: {
         affected: [
            {
               defaultStatus: "unaffected",
               product: "CPG BIOS",
               vendor: "Dell",
               versions: [
                  {
                     lessThan: "1.0.24",
                     status: "affected",
                     version: "N/A",
                     versionType: "semver",
                  },
                  {
                     lessThan: "1.1.25",
                     status: "affected",
                     version: "N/A",
                     versionType: "semver",
                  },
                  {
                     lessThan: "1.19.0",
                     status: "affected",
                     version: "N/A",
                     versionType: "semver",
                  },
                  {
                     lessThan: "1.12.0",
                     status: "affected",
                     version: "N/A",
                     versionType: "semver",
                  },
                  {
                     lessThan: "1.13.0",
                     status: "affected",
                     version: "N/A",
                     versionType: "semver",
                  },
                  {
                     lessThan: "2.18.0",
                     status: "affected",
                     version: "N/A",
                     versionType: "semver",
                  },
                  {
                     lessThan: "2.7.0",
                     status: "affected",
                     version: "N/A",
                     versionType: "semver",
                  },
                  {
                     lessThan: "1.16.0",
                     status: "affected",
                     version: "N/A",
                     versionType: "semver",
                  },
                  {
                     lessThan: "2.6.0",
                     status: "affected",
                     version: "N/A",
                     versionType: "semver",
                  },
               ],
            },
         ],
         credits: [
            {
               lang: "en",
               type: "finder",
               value: "Dell Technologies would like to thank Eason for reporting this issue.",
            },
         ],
         datePublic: "2024-06-11T06:30:00.000Z",
         descriptions: [
            {
               lang: "en",
               supportingMedia: [
                  {
                     base64: false,
                     type: "text/html",
                     value: "Dell Client Platform BIOS contains an Improper Input Validation vulnerability in an externally developed component. A high privileged attacker with local access could potentially exploit this vulnerability, leading to Code execution.",
                  },
               ],
               value: "Dell Client Platform BIOS contains an Improper Input Validation vulnerability in an externally developed component. A high privileged attacker with local access could potentially exploit this vulnerability, leading to Code execution.",
            },
         ],
         metrics: [
            {
               cvssV3_1: {
                  attackComplexity: "HIGH",
                  attackVector: "LOCAL",
                  availabilityImpact: "HIGH",
                  baseScore: 7.5,
                  baseSeverity: "HIGH",
                  confidentialityImpact: "HIGH",
                  integrityImpact: "HIGH",
                  privilegesRequired: "HIGH",
                  scope: "CHANGED",
                  userInteraction: "NONE",
                  vectorString: "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H",
                  version: "3.1",
               },
               format: "CVSS",
               scenarios: [
                  {
                     lang: "en",
                     value: "GENERAL",
                  },
               ],
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     cweId: "CWE-20",
                     description: "CWE-20: Improper Input Validation",
                     lang: "en",
                     type: "CWE",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2024-06-13T13:00:19.384Z",
            orgId: "c550e75a-17ff-4988-97f0-544cde3820fe",
            shortName: "dell",
         },
         references: [
            {
               tags: [
                  "vendor-advisory",
               ],
               url: "https://www.dell.com/support/kbdoc/en-us/000223440/dsa-2024-125",
            },
         ],
         source: {
            discovery: "UNKNOWN",
         },
         x_generator: {
            engine: "Vulnogram 0.2.0",
         },
      },
   },
   cveMetadata: {
      assignerOrgId: "c550e75a-17ff-4988-97f0-544cde3820fe",
      assignerShortName: "dell",
      cveId: "CVE-2024-32860",
      datePublished: "2024-06-13T13:00:19.384Z",
      dateReserved: "2024-04-19T09:34:13.527Z",
      dateUpdated: "2024-08-02T02:20:35.674Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2024-32859
Vulnerability from cvelistv5
Published
2024-06-13 12:39
Modified
2024-08-02 02:20
Summary
Dell Client Platform BIOS contains an Improper Input Validation vulnerability in an externally developed component. A high privileged attacker with local access could potentially exploit this vulnerability, leading to Code execution.
Impacted products
Vendor Product Version
Dell CPG BIOS Version: N/A   
Version: N/A   
Version: N/A   
Version: N/A   
Version: N/A   
Version: N/A   
Version: N/A   
Version: N/A   
Version: N/A   
Version: N/A   
Show details on NVD website


{
   containers: {
      adp: [
         {
            affected: [
               {
                  cpes: [
                     "cpe:2.3:o:dell:alienware_aurora_r15_amd_firmware:*:*:*:*:*:*:*:*",
                  ],
                  defaultStatus: "unknown",
                  product: "alienware_aurora_r15_amd_firmware",
                  vendor: "dell",
                  versions: [
                     {
                        lessThan: "1.13.0",
                        status: "affected",
                        version: "0",
                        versionType: "semver",
                     },
                  ],
               },
               {
                  cpes: [
                     "cpe:2.3:o:dell:alienware_aurora_r16_firmware:*:*:*:*:*:*:*:*",
                  ],
                  defaultStatus: "unknown",
                  product: "alienware_aurora_r16_firmware",
                  vendor: "dell",
                  versions: [
                     {
                        lessThan: "2.7.0",
                        status: "affected",
                        version: "0",
                        versionType: "semver",
                     },
                  ],
               },
               {
                  cpes: [
                     "cpe:2.3:o:dell:alienware_aurora_r10_firmware:*:*:*:*:*:*:*:*",
                  ],
                  defaultStatus: "unknown",
                  product: "alienware_aurora_r10_firmware",
                  vendor: "dell",
                  versions: [
                     {
                        lessThan: "2.8.0",
                        status: "affected",
                        version: "0",
                        versionType: "semver",
                     },
                  ],
               },
               {
                  cpes: [
                     "cpe:2.3:o:dell:alienware_aurora_r11_firmware:*:*:*:*:*:*:*:*",
                  ],
                  defaultStatus: "unknown",
                  product: "alienware_aurora_r11_firmware",
                  vendor: "dell",
                  versions: [
                     {
                        lessThan: "1.0.24",
                        status: "affected",
                        version: "0",
                        versionType: "semver",
                     },
                  ],
               },
               {
                  cpes: [
                     "cpe:2.3:o:dell:alienware_aurora_r12_firmware:*:*:*:*:*:*:*:*",
                  ],
                  defaultStatus: "unknown",
                  product: "alienware_aurora_r12_firmware",
                  vendor: "dell",
                  versions: [
                     {
                        lessThan: "1.1.25",
                        status: "affected",
                        version: "0",
                        versionType: "semver",
                     },
                  ],
               },
               {
                  cpes: [
                     "cpe:2.3:o:dell:alienware_aurora_r13_firmware:*:*:*:*:*:*:*:*",
                  ],
                  defaultStatus: "unknown",
                  product: "alienware_aurora_r13_firmware",
                  vendor: "dell",
                  versions: [
                     {
                        lessThan: "1.19.0",
                        status: "affected",
                        version: "0",
                        versionType: "semver",
                     },
                  ],
               },
               {
                  cpes: [
                     "cpe:2.3:o:dell:alienware_aurora_r14_ryzen_edition_firmware:*:*:*:*:*:*:*:*",
                  ],
                  defaultStatus: "unknown",
                  product: "alienware_aurora_r14_ryzen_edition_firmware",
                  vendor: "dell",
                  versions: [
                     {
                        lessThan: "2.18.0",
                        status: "affected",
                        version: "0",
                        versionType: "semver",
                     },
                  ],
               },
               {
                  cpes: [
                     "cpe:2.3:o:dell:alienware_aurora_r15_firmware:*:*:*:*:*:*:*:*",
                  ],
                  defaultStatus: "unknown",
                  product: "alienware_aurora_r15_firmware",
                  vendor: "dell",
                  versions: [
                     {
                        lessThan: "1.12.0",
                        status: "affected",
                        version: "0",
                        versionType: "semver",
                     },
                  ],
               },
               {
                  cpes: [
                     "cpe:2.3:o:dell:inspiron_3502_firmware:*:*:*:*:*:*:*:*",
                  ],
                  defaultStatus: "unknown",
                  product: "inspiron_3502_firmware",
                  vendor: "dell",
                  versions: [
                     {
                        lessThan: "1.16.0",
                        status: "affected",
                        version: "0",
                        versionType: "semver",
                     },
                  ],
               },
               {
                  cpes: [
                     "cpe:2.3:o:dell:xps_8950_firmware:*:*:*:*:*:*:*:*",
                  ],
                  defaultStatus: "unknown",
                  product: "xps_8950_firmware",
                  vendor: "dell",
                  versions: [
                     {
                        lessThan: "1.19.0",
                        status: "affected",
                        version: "0",
                        versionType: "semver",
                     },
                  ],
               },
               {
                  cpes: [
                     "cpe:2.3:o:dell:xps_8960_firmware:*:*:*:*:*:*:*:*",
                  ],
                  defaultStatus: "unknown",
                  product: "xps_8960_firmware",
                  vendor: "dell",
                  versions: [
                     {
                        lessThan: "2.6.0",
                        status: "affected",
                        version: "0",
                        versionType: "semver",
                     },
                  ],
               },
            ],
            metrics: [
               {
                  other: {
                     content: {
                        id: "CVE-2024-32859",
                        options: [
                           {
                              Exploitation: "none",
                           },
                           {
                              Automatable: "no",
                           },
                           {
                              "Technical Impact": "total",
                           },
                        ],
                        role: "CISA Coordinator",
                        timestamp: "2024-06-13T13:39:08.008139Z",
                        version: "2.0.3",
                     },
                     type: "ssvc",
                  },
               },
            ],
            providerMetadata: {
               dateUpdated: "2024-06-13T16:01:53.774Z",
               orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0",
               shortName: "CISA-ADP",
            },
            title: "CISA ADP Vulnrichment",
         },
         {
            providerMetadata: {
               dateUpdated: "2024-08-02T02:20:35.656Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  tags: [
                     "vendor-advisory",
                     "x_transferred",
                  ],
                  url: "https://www.dell.com/support/kbdoc/en-us/000223439/dsa-2024-124",
               },
            ],
            title: "CVE Program Container",
         },
      ],
      cna: {
         affected: [
            {
               defaultStatus: "unaffected",
               product: "CPG BIOS",
               vendor: "Dell",
               versions: [
                  {
                     lessThan: "2.8.0",
                     status: "affected",
                     version: "N/A",
                     versionType: "semver",
                  },
                  {
                     lessThan: "1.0.24",
                     status: "affected",
                     version: "N/A",
                     versionType: "semver",
                  },
                  {
                     lessThan: "1.1.25",
                     status: "affected",
                     version: "N/A",
                     versionType: "semver",
                  },
                  {
                     lessThan: "1.19.0",
                     status: "affected",
                     version: "N/A",
                     versionType: "semver",
                  },
                  {
                     lessThan: "1.12.0",
                     status: "affected",
                     version: "N/A",
                     versionType: "semver",
                  },
                  {
                     lessThan: "1.13.0",
                     status: "affected",
                     version: "N/A",
                     versionType: "semver",
                  },
                  {
                     lessThan: "2.18.0",
                     status: "affected",
                     version: "N/A",
                     versionType: "semver",
                  },
                  {
                     lessThan: "2.7.0",
                     status: "affected",
                     version: "N/A",
                     versionType: "semver",
                  },
                  {
                     lessThan: "1.16.0",
                     status: "affected",
                     version: "N/A",
                     versionType: "semver",
                  },
                  {
                     lessThan: "2.6.0",
                     status: "affected",
                     version: "N/A",
                     versionType: "semver",
                  },
               ],
            },
         ],
         credits: [
            {
               lang: "en",
               type: "finder",
               value: "Dell Technologies would like to thank Eason for reporting this issue",
            },
         ],
         datePublic: "2024-06-11T06:30:00.000Z",
         descriptions: [
            {
               lang: "en",
               supportingMedia: [
                  {
                     base64: false,
                     type: "text/html",
                     value: "Dell Client Platform BIOS contains an Improper Input Validation vulnerability in an externally developed component. A high privileged attacker with local access could potentially exploit this vulnerability, leading to Code execution.",
                  },
               ],
               value: "Dell Client Platform BIOS contains an Improper Input Validation vulnerability in an externally developed component. A high privileged attacker with local access could potentially exploit this vulnerability, leading to Code execution.",
            },
         ],
         metrics: [
            {
               cvssV3_1: {
                  attackComplexity: "HIGH",
                  attackVector: "LOCAL",
                  availabilityImpact: "HIGH",
                  baseScore: 7.5,
                  baseSeverity: "HIGH",
                  confidentialityImpact: "HIGH",
                  integrityImpact: "HIGH",
                  privilegesRequired: "HIGH",
                  scope: "CHANGED",
                  userInteraction: "NONE",
                  vectorString: "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H",
                  version: "3.1",
               },
               format: "CVSS",
               scenarios: [
                  {
                     lang: "en",
                     value: "GENERAL",
                  },
               ],
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     cweId: "CWE-20",
                     description: "CWE-20: Improper Input Validation",
                     lang: "en",
                     type: "CWE",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2024-06-13T12:39:41.863Z",
            orgId: "c550e75a-17ff-4988-97f0-544cde3820fe",
            shortName: "dell",
         },
         references: [
            {
               tags: [
                  "vendor-advisory",
               ],
               url: "https://www.dell.com/support/kbdoc/en-us/000223439/dsa-2024-124",
            },
         ],
         source: {
            discovery: "UNKNOWN",
         },
         x_generator: {
            engine: "Vulnogram 0.2.0",
         },
      },
   },
   cveMetadata: {
      assignerOrgId: "c550e75a-17ff-4988-97f0-544cde3820fe",
      assignerShortName: "dell",
      cveId: "CVE-2024-32859",
      datePublished: "2024-06-13T12:39:41.863Z",
      dateReserved: "2024-04-19T09:34:13.527Z",
      dateUpdated: "2024-08-02T02:20:35.656Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2024-32856
Vulnerability from cvelistv5
Published
2024-06-13 11:51
Modified
2024-08-02 02:20
Summary
Dell Client Platform BIOS contains an Improper Input Validation vulnerability in an externally developed component. A high privileged attacker with local access could potentially exploit this vulnerability, leading to Information disclosure.
Impacted products
Vendor Product Version
Dell CPG BIOS Version: N/A   
Version: N/A   
Version: N/A   
Version: N/A   
Version: N/A   
Version: N/A   
Version: N/A   
Version: N/A   
Version: N/A   
Show details on NVD website


{
   containers: {
      adp: [
         {
            metrics: [
               {
                  other: {
                     content: {
                        id: "CVE-2024-32856",
                        options: [
                           {
                              Exploitation: "none",
                           },
                           {
                              Automatable: "no",
                           },
                           {
                              "Technical Impact": "partial",
                           },
                        ],
                        role: "CISA Coordinator",
                        timestamp: "2024-07-17T13:07:26.971457Z",
                        version: "2.0.3",
                     },
                     type: "ssvc",
                  },
               },
            ],
            providerMetadata: {
               dateUpdated: "2024-07-17T13:07:31.325Z",
               orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0",
               shortName: "CISA-ADP",
            },
            title: "CISA ADP Vulnrichment",
         },
         {
            providerMetadata: {
               dateUpdated: "2024-08-02T02:20:35.591Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  tags: [
                     "vendor-advisory",
                     "x_transferred",
                  ],
                  url: "https://www.dell.com/support/kbdoc/en-us/000221745/dsa-2024-067",
               },
            ],
            title: "CVE Program Container",
         },
      ],
      cna: {
         affected: [
            {
               defaultStatus: "unaffected",
               product: "CPG BIOS",
               vendor: "Dell",
               versions: [
                  {
                     lessThan: "2.8.0",
                     status: "affected",
                     version: "N/A",
                     versionType: "semver",
                  },
                  {
                     lessThan: "1.0.24",
                     status: "affected",
                     version: "N/A",
                     versionType: "semver",
                  },
                  {
                     lessThan: "1.1.25",
                     status: "affected",
                     version: "N/A",
                     versionType: "semver",
                  },
                  {
                     lessThan: "1.19.0",
                     status: "affected",
                     version: "N/A",
                     versionType: "semver",
                  },
                  {
                     lessThan: "1.12.0",
                     status: "affected",
                     version: "N/A",
                     versionType: "semver",
                  },
                  {
                     lessThan: "1.13.0",
                     status: "affected",
                     version: "N/A",
                     versionType: "semver",
                  },
                  {
                     lessThan: "2.18.0",
                     status: "affected",
                     version: "N/A",
                     versionType: "semver",
                  },
                  {
                     lessThan: "2.7.0",
                     status: "affected",
                     version: "N/A",
                     versionType: "semver",
                  },
                  {
                     lessThan: "1.16.0",
                     status: "affected",
                     version: "N/A",
                     versionType: "semver",
                  },
               ],
            },
         ],
         credits: [
            {
               lang: "en",
               type: "finder",
               value: "Dell Technologies would like to thank Eason for reporting this issue.",
            },
         ],
         datePublic: "2024-06-11T06:30:00.000Z",
         descriptions: [
            {
               lang: "en",
               supportingMedia: [
                  {
                     base64: false,
                     type: "text/html",
                     value: "Dell Client Platform BIOS contains an Improper Input Validation vulnerability in an externally developed component. A high privileged attacker with local access could potentially exploit this vulnerability, leading to Information disclosure.",
                  },
               ],
               value: "Dell Client Platform BIOS contains an Improper Input Validation vulnerability in an externally developed component. A high privileged attacker with local access could potentially exploit this vulnerability, leading to Information disclosure.",
            },
         ],
         metrics: [
            {
               cvssV3_1: {
                  attackComplexity: "LOW",
                  attackVector: "LOCAL",
                  availabilityImpact: "LOW",
                  baseScore: 5.1,
                  baseSeverity: "MEDIUM",
                  confidentialityImpact: "NONE",
                  integrityImpact: "HIGH",
                  privilegesRequired: "HIGH",
                  scope: "UNCHANGED",
                  userInteraction: "NONE",
                  vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:L",
                  version: "3.1",
               },
               format: "CVSS",
               scenarios: [
                  {
                     lang: "en",
                     value: "GENERAL",
                  },
               ],
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     cweId: "CWE-20",
                     description: "CWE-20: Improper Input Validation",
                     lang: "en",
                     type: "CWE",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2024-06-13T11:51:03.183Z",
            orgId: "c550e75a-17ff-4988-97f0-544cde3820fe",
            shortName: "dell",
         },
         references: [
            {
               tags: [
                  "vendor-advisory",
               ],
               url: "https://www.dell.com/support/kbdoc/en-us/000221745/dsa-2024-067",
            },
         ],
         source: {
            discovery: "UNKNOWN",
         },
         x_generator: {
            engine: "Vulnogram 0.2.0",
         },
      },
   },
   cveMetadata: {
      assignerOrgId: "c550e75a-17ff-4988-97f0-544cde3820fe",
      assignerShortName: "dell",
      cveId: "CVE-2024-32856",
      datePublished: "2024-06-13T11:51:03.183Z",
      dateReserved: "2024-04-19T09:34:13.526Z",
      dateUpdated: "2024-08-02T02:20:35.591Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2024-39584
Vulnerability from cvelistv5
Published
2024-08-28 05:46
Modified
2024-08-28 14:15
Summary
Dell Client Platform BIOS contains a Use of Default Cryptographic Key Vulnerability. A high privileged attacker with local access could potentially exploit this vulnerability, leading to Secure Boot bypass and arbitrary code execution.
Impacted products
Vendor Product Version
Dell Dell Client Platform BIOS Version: N/A   
Version: N/A   
Version: N/A   
Version: N/A   
Show details on NVD website


{
   containers: {
      adp: [
         {
            affected: [
               {
                  cpes: [
                     "cpe:2.3:o:dell:alienware_area_51m_r2_firmware:-:*:*:*:*:*:*:*",
                     "cpe:2.3:o:dell:alienware_m15_r3_firmware:-:*:*:*:*:*:*:*",
                     "cpe:2.3:o:dell:alienware_m17_r3_firmware:-:*:*:*:*:*:*:*",
                  ],
                  defaultStatus: "unaffected",
                  product: "alienware_m17_r3_firmware",
                  vendor: "dell",
                  versions: [
                     {
                        lessThan: "1.29.0",
                        status: "affected",
                        version: "0",
                        versionType: "semver",
                     },
                  ],
               },
               {
                  cpes: [
                     "cpe:2.3:o:dell:alienware_aurora_r15_amd_firmware:*:*:*:*:*:*:*:*",
                  ],
                  defaultStatus: "unaffected",
                  product: "alienware_aurora_r15_amd_firmware",
                  vendor: "dell",
                  versions: [
                     {
                        lessThan: "1.15.0",
                        status: "affected",
                        version: "0",
                        versionType: "semver",
                     },
                  ],
               },
               {
                  cpes: [
                     "cpe:2.3:o:dell:alienware_x14_firmware:-:*:*:*:*:*:*:*",
                  ],
                  defaultStatus: "unaffected",
                  product: "alienware_x14_firmware",
                  vendor: "dell",
                  versions: [
                     {
                        lessThan: "1.21.0",
                        status: "affected",
                        version: "0",
                        versionType: "semver",
                     },
                  ],
               },
               {
                  cpes: [
                     "cpe:2.3:o:dell:alienware_x17_r1_firmware:*:*:*:*:*:*:*:*",
                     "cpe:2.3:o:dell:alienware_x15_r1_firmware:*:*:*:*:*:*:*:*",
                  ],
                  defaultStatus: "unaffected",
                  product: "alienware_x15_r1_firmware",
                  vendor: "dell",
                  versions: [
                     {
                        lessThan: "1.24.0",
                        status: "affected",
                        version: "0",
                        versionType: "semver",
                     },
                  ],
               },
            ],
            metrics: [
               {
                  other: {
                     content: {
                        id: "CVE-2024-39584",
                        options: [
                           {
                              Exploitation: "none",
                           },
                           {
                              Automatable: "no",
                           },
                           {
                              "Technical Impact": "total",
                           },
                        ],
                        role: "CISA Coordinator",
                        timestamp: "2024-08-28T14:02:49.780082Z",
                        version: "2.0.3",
                     },
                     type: "ssvc",
                  },
               },
            ],
            providerMetadata: {
               dateUpdated: "2024-08-28T14:15:01.978Z",
               orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0",
               shortName: "CISA-ADP",
            },
            title: "CISA ADP Vulnrichment",
         },
      ],
      cna: {
         affected: [
            {
               defaultStatus: "unaffected",
               product: "Dell Client Platform BIOS",
               vendor: "Dell",
               versions: [
                  {
                     lessThan: "1.29.0",
                     status: "affected",
                     version: "N/A",
                     versionType: "semver",
                  },
                  {
                     lessThan: "1.15.0",
                     status: "affected",
                     version: "N/A",
                     versionType: "semver",
                  },
                  {
                     lessThan: "1.21.0",
                     status: "affected",
                     version: "N/A",
                     versionType: "semver",
                  },
                  {
                     lessThan: "1.24.0",
                     status: "affected",
                     version: "N/A",
                     versionType: "semver",
                  },
               ],
            },
         ],
         credits: [
            {
               lang: "en",
               type: "finder",
               value: "CVE-2024-39584: Dell Technologies would like to thank BINARLY REsearch team for reporting this issue.",
            },
         ],
         datePublic: "2024-08-27T06:30:00.000Z",
         descriptions: [
            {
               lang: "en",
               supportingMedia: [
                  {
                     base64: false,
                     type: "text/html",
                     value: "Dell Client Platform BIOS contains a Use of Default Cryptographic Key Vulnerability.  A high privileged attacker with local access could potentially exploit this vulnerability, leading to Secure Boot bypass and arbitrary code execution.",
                  },
               ],
               value: "Dell Client Platform BIOS contains a Use of Default Cryptographic Key Vulnerability.  A high privileged attacker with local access could potentially exploit this vulnerability, leading to Secure Boot bypass and arbitrary code execution.",
            },
         ],
         metrics: [
            {
               cvssV3_1: {
                  attackComplexity: "LOW",
                  attackVector: "LOCAL",
                  availabilityImpact: "HIGH",
                  baseScore: 8.2,
                  baseSeverity: "HIGH",
                  confidentialityImpact: "HIGH",
                  integrityImpact: "HIGH",
                  privilegesRequired: "HIGH",
                  scope: "CHANGED",
                  userInteraction: "NONE",
                  vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H",
                  version: "3.1",
               },
               format: "CVSS",
               scenarios: [
                  {
                     lang: "en",
                     value: "GENERAL",
                  },
               ],
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     cweId: "CWE-1392",
                     description: "CWE-1392: Use of Default Credentials",
                     lang: "en",
                     type: "CWE",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2024-08-28T05:46:40.013Z",
            orgId: "c550e75a-17ff-4988-97f0-544cde3820fe",
            shortName: "dell",
         },
         references: [
            {
               tags: [
                  "vendor-advisory",
               ],
               url: "https://www.dell.com/support/kbdoc/en-us/000227594/dsa-2024-354",
            },
         ],
         source: {
            discovery: "UNKNOWN",
         },
         x_generator: {
            engine: "Vulnogram 0.2.0",
         },
      },
   },
   cveMetadata: {
      assignerOrgId: "c550e75a-17ff-4988-97f0-544cde3820fe",
      assignerShortName: "dell",
      cveId: "CVE-2024-39584",
      datePublished: "2024-08-28T05:46:40.013Z",
      dateReserved: "2024-06-26T02:16:08.993Z",
      dateUpdated: "2024-08-28T14:15:01.978Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2024-32858
Vulnerability from cvelistv5
Published
2024-06-13 12:48
Modified
2024-08-02 02:20
Summary
Dell Client Platform BIOS contains an Improper Input Validation vulnerability in an externally developed component. A high privileged attacker with local access could potentially exploit this vulnerability, leading to Code execution.
Impacted products
Vendor Product Version
Dell CPG BIOS Version: N/A   
Version: N/A   
Version: N/A   
Version: N/A   
Version: N/A   
Version: N/A   
Version: N/A   
Version: N/A   
Version: N/A   
Version: N/A   
Show details on NVD website


{
   containers: {
      adp: [
         {
            affected: [
               {
                  cpes: [
                     "cpe:2.3:o:dell:alienware_aurora_r10_firmware:*:*:*:*:*:*:*:*",
                  ],
                  defaultStatus: "unknown",
                  product: "alienware_aurora_r10_firmware",
                  vendor: "dell",
                  versions: [
                     {
                        lessThan: "2.8.0",
                        status: "affected",
                        version: "0",
                        versionType: "semver",
                     },
                  ],
               },
               {
                  cpes: [
                     "cpe:2.3:o:dell:alienware_aurora_r11_firmware:*:*:*:*:*:*:*:*",
                  ],
                  defaultStatus: "unknown",
                  product: "alienware_aurora_r11_firmware",
                  vendor: "dell",
                  versions: [
                     {
                        lessThan: "1.0.24",
                        status: "affected",
                        version: "0",
                        versionType: "semver",
                     },
                  ],
               },
               {
                  cpes: [
                     "cpe:2.3:o:dell:alienware_aurora_r12_firmware:*:*:*:*:*:*:*:*",
                  ],
                  defaultStatus: "unknown",
                  product: "alienware_aurora_r12_firmware",
                  vendor: "dell",
                  versions: [
                     {
                        lessThan: "1.1.25",
                        status: "affected",
                        version: "0",
                        versionType: "semver",
                     },
                  ],
               },
               {
                  cpes: [
                     "cpe:2.3:o:dell:alienware_aurora_r13_firmware:*:*:*:*:*:*:*:*",
                  ],
                  defaultStatus: "unknown",
                  product: "alienware_aurora_r13_firmware",
                  vendor: "dell",
                  versions: [
                     {
                        lessThan: "1.19.0",
                        status: "affected",
                        version: "0",
                        versionType: "semver",
                     },
                  ],
               },
               {
                  cpes: [
                     "cpe:2.3:o:dell:alienware_aurora_r14_ryzen_edition_firmware:*:*:*:*:*:*:*:*",
                  ],
                  defaultStatus: "unknown",
                  product: "alienware_aurora_r14_ryzen_edition_firmware",
                  vendor: "dell",
                  versions: [
                     {
                        lessThan: "2.18.0",
                        status: "affected",
                        version: "0",
                        versionType: "semver",
                     },
                  ],
               },
               {
                  cpes: [
                     "cpe:2.3:o:dell:alienware_aurora_r15_firmware:*:*:*:*:*:*:*:*",
                  ],
                  defaultStatus: "unknown",
                  product: "alienware_aurora_r15_firmware",
                  vendor: "dell",
                  versions: [
                     {
                        lessThan: "1.12.0",
                        status: "affected",
                        version: "0",
                        versionType: "semver",
                     },
                  ],
               },
               {
                  cpes: [
                     "cpe:2.3:o:dell:alienware_aurora_r15_amd_firmware:*:*:*:*:*:*:*:*",
                  ],
                  defaultStatus: "unknown",
                  product: "alienware_aurora_r15_amd_firmware",
                  vendor: "dell",
                  versions: [
                     {
                        lessThan: "1.13.0",
                        status: "affected",
                        version: "0",
                        versionType: "semver",
                     },
                  ],
               },
               {
                  cpes: [
                     "cpe:2.3:o:dell:alienware_aurora_r16_firmware:*:*:*:*:*:*:*:*",
                  ],
                  defaultStatus: "unknown",
                  product: "alienware_aurora_r16_firmware",
                  vendor: "dell",
                  versions: [
                     {
                        lessThan: "2.7.0",
                        status: "affected",
                        version: "0",
                        versionType: "semver",
                     },
                  ],
               },
               {
                  cpes: [
                     "cpe:2.3:o:dell:inspiron_3502_firmware:*:*:*:*:*:*:*:*",
                  ],
                  defaultStatus: "unknown",
                  product: "inspiron_3502_firmware",
                  vendor: "dell",
                  versions: [
                     {
                        lessThan: "1.16.0",
                        status: "affected",
                        version: "0",
                        versionType: "semver",
                     },
                  ],
               },
               {
                  cpes: [
                     "cpe:2.3:o:dell:xps_8950_firmware:*:*:*:*:*:*:*:*",
                  ],
                  defaultStatus: "unknown",
                  product: "xps_8950_firmware",
                  vendor: "dell",
                  versions: [
                     {
                        lessThan: "1.19.0",
                        status: "affected",
                        version: "0",
                        versionType: "semver",
                     },
                  ],
               },
               {
                  cpes: [
                     "cpe:2.3:o:dell:xps_8960_firmware:*:*:*:*:*:*:*:*",
                  ],
                  defaultStatus: "unknown",
                  product: "xps_8960_firmware",
                  vendor: "dell",
                  versions: [
                     {
                        lessThan: "2.6.0",
                        status: "affected",
                        version: "0",
                        versionType: "semver",
                     },
                  ],
               },
            ],
            metrics: [
               {
                  other: {
                     content: {
                        id: "CVE-2024-32858",
                        options: [
                           {
                              Exploitation: "none",
                           },
                           {
                              Automatable: "no",
                           },
                           {
                              "Technical Impact": "total",
                           },
                        ],
                        role: "CISA Coordinator",
                        timestamp: "2024-06-13T13:37:43.257078Z",
                        version: "2.0.3",
                     },
                     type: "ssvc",
                  },
               },
            ],
            providerMetadata: {
               dateUpdated: "2024-06-13T16:09:43.292Z",
               orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0",
               shortName: "CISA-ADP",
            },
            title: "CISA ADP Vulnrichment",
         },
         {
            providerMetadata: {
               dateUpdated: "2024-08-02T02:20:35.666Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  tags: [
                     "vendor-advisory",
                     "x_transferred",
                  ],
                  url: "https://www.dell.com/support/kbdoc/en-us/000223439/dsa-2024-124",
               },
            ],
            title: "CVE Program Container",
         },
      ],
      cna: {
         affected: [
            {
               defaultStatus: "unaffected",
               product: "CPG BIOS",
               vendor: "Dell",
               versions: [
                  {
                     lessThan: "2.8.0",
                     status: "affected",
                     version: "N/A",
                     versionType: "semver",
                  },
                  {
                     lessThan: "1.0.24",
                     status: "affected",
                     version: "N/A",
                     versionType: "semver",
                  },
                  {
                     lessThan: "1.1.25",
                     status: "affected",
                     version: "N/A",
                     versionType: "semver",
                  },
                  {
                     lessThan: "1.19.0",
                     status: "affected",
                     version: "N/A",
                     versionType: "semver",
                  },
                  {
                     lessThan: "1.12.0",
                     status: "affected",
                     version: "N/A",
                     versionType: "semver",
                  },
                  {
                     lessThan: "1.13.0",
                     status: "affected",
                     version: "N/A",
                     versionType: "semver",
                  },
                  {
                     lessThan: "2.18.0",
                     status: "affected",
                     version: "N/A",
                     versionType: "semver",
                  },
                  {
                     lessThan: "2.7.0",
                     status: "affected",
                     version: "N/A",
                     versionType: "semver",
                  },
                  {
                     lessThan: "1.16.0",
                     status: "affected",
                     version: "N/A",
                     versionType: "semver",
                  },
                  {
                     lessThan: "2.6.0",
                     status: "affected",
                     version: "N/A",
                     versionType: "semver",
                  },
               ],
            },
         ],
         credits: [
            {
               lang: "en",
               type: "finder",
               value: "Dell Technologies would like to thank Eason for reporting this issue",
            },
         ],
         datePublic: "2024-06-11T06:30:00.000Z",
         descriptions: [
            {
               lang: "en",
               supportingMedia: [
                  {
                     base64: false,
                     type: "text/html",
                     value: "Dell Client Platform BIOS contains an Improper Input Validation vulnerability in an externally developed component. A high privileged attacker with local access could potentially exploit this vulnerability, leading to Code execution.",
                  },
               ],
               value: "Dell Client Platform BIOS contains an Improper Input Validation vulnerability in an externally developed component. A high privileged attacker with local access could potentially exploit this vulnerability, leading to Code execution.",
            },
         ],
         metrics: [
            {
               cvssV3_1: {
                  attackComplexity: "HIGH",
                  attackVector: "LOCAL",
                  availabilityImpact: "HIGH",
                  baseScore: 7.5,
                  baseSeverity: "HIGH",
                  confidentialityImpact: "HIGH",
                  integrityImpact: "HIGH",
                  privilegesRequired: "HIGH",
                  scope: "CHANGED",
                  userInteraction: "NONE",
                  vectorString: "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H",
                  version: "3.1",
               },
               format: "CVSS",
               scenarios: [
                  {
                     lang: "en",
                     value: "GENERAL",
                  },
               ],
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     cweId: "CWE-20",
                     description: "CWE-20: Improper Input Validation",
                     lang: "en",
                     type: "CWE",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2024-06-13T12:48:29.724Z",
            orgId: "c550e75a-17ff-4988-97f0-544cde3820fe",
            shortName: "dell",
         },
         references: [
            {
               tags: [
                  "vendor-advisory",
               ],
               url: "https://www.dell.com/support/kbdoc/en-us/000223439/dsa-2024-124",
            },
         ],
         source: {
            discovery: "UNKNOWN",
         },
         x_generator: {
            engine: "Vulnogram 0.2.0",
         },
      },
   },
   cveMetadata: {
      assignerOrgId: "c550e75a-17ff-4988-97f0-544cde3820fe",
      assignerShortName: "dell",
      cveId: "CVE-2024-32858",
      datePublished: "2024-06-13T12:48:29.724Z",
      dateReserved: "2024-04-19T09:34:13.527Z",
      dateUpdated: "2024-08-02T02:20:35.666Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

Vulnerability from fkie_nvd
Published
2024-06-13 13:15
Modified
2024-11-21 09:15
Summary
Dell Client Platform BIOS contains an Improper Input Validation vulnerability in an externally developed component. A high privileged attacker with local access could potentially exploit this vulnerability, leading to Code execution.



{
   configurations: [
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:dell:alienware_area_51m_r2_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "6D3E1671-D766-4BEE-A382-3F9950540382",
                     versionEndExcluding: "1.26.0",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:dell:alienware_area_51m_r2:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "D355D92F-71AB-4D6D-9D3D-85A0BF4133E5",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:dell:alienware_aurora_r11_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "09B0F2CD-223E-4C11-896E-E0D2AED3D7CA",
                     versionEndExcluding: "1.0.24",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:dell:alienware_aurora_r11:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "4C32F25E-2F1F-409D-85DF-15CCAB423DD5",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:dell:alienware_aurora_r12_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "6D3892D1-FA31-4E08-8C4A-B233A7E6166E",
                     versionEndExcluding: "1.1.25",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:dell:alienware_aurora_r12:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "6F0C34FD-6A6D-43BF-B548-13D57532AF8C",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:dell:alienware_aurora_r13_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "2BA98A09-CEC8-4765-9F67-1B8E31A403BA",
                     versionEndIncluding: "1.1.19",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:dell:alienware_aurora_r13:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "486DCCF7-79D9-45C1-8CBD-26FB78705F91",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:dell:alienware_aurora_r15_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "502B41A3-DA11-4F02-ADBA-12BAEB90E9D9",
                     versionEndExcluding: "1.1.12",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:dell:alienware_aurora_r15:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "2943649A-0559-4184-AE43-B6FCEDF3BF98",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:dell:alienware_aurora_r15_amd_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "34DF7BEA-2EF9-47A8-965D-C045C793F834",
                     versionEndExcluding: "1.13.0",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:dell:alienware_aurora_r15_amd:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "503027CC-7D9B-4F00-9728-48C12B18BD7B",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:dell:alienware_aurora_ryzen_edition_r14_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "2C2FE0D4-FEFE-4E9D-BFCA-5EAC643E47A1",
                     versionEndExcluding: "2.18.0",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:dell:alienware_aurora_ryzen_edition_r14:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "66B64687-CF02-414E-B961-84A011DC49E6",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:dell:alienware_m15_r3_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "CBC6538F-95F5-411B-9AEE-E330D33F765E",
                     versionEndExcluding: "1.27.0",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:dell:alienware_m15_r3:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "FCCE762E-FB6C-4493-A21F-347DE5CB57E0",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:dell:alienware_m15_r4_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "7EE1A9B5-8534-4DAE-957E-FF670060C35A",
                     versionEndIncluding: "1.21.0",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:dell:alienware_m15_r4:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "B084185F-1C0D-47D9-9F72-A79095462428",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:dell:alienware_m17_r3_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "626441E2-E195-4E18-B5CF-093CE2706827",
                     versionEndExcluding: "1.27.0",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:dell:alienware_m17_r3:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "EF7B8EAD-E6FD-4CCE-9CE8-605A3BF3357A",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:dell:alienware_m17_r4_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "3E92F1AF-4259-40FA-BD64-2B5E36DB815B",
                     versionEndIncluding: "1.21.0",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:dell:alienware_m17_r4:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "C631E678-90F0-4DB2-8AB8-7378EC32FAC0",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:dell:alienware_x14_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "84A10F10-F9C8-4FF0-8F28-BCBDABE8C8EA",
                     versionEndIncluding: "1.18.0",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:dell:alienware_x14:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "05928944-E647-4A4D-AEA1-B67804BC7DB5",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:dell:alienware_x15_r1_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "69E828F7-2199-470B-B3F3-251704F4BAA4",
                     versionEndIncluding: "1.22.0",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:dell:alienware_x15_r1:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "B5BC0BF5-9D20-43DB-BF65-F2D2E8EC6970",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:dell:alienware_x15_r2_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "D9A38198-F80D-4D7C-B660-8B5B44C95751",
                     versionEndExcluding: "1.20.0",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:dell:alienware_x15_r2:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "A254E353-E519-401F-8657-76C7625F9A0C",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:dell:alienware_x17_r1_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "AF468943-A697-46B0-A8DF-3D9F329E87D6",
                     versionEndIncluding: "1.22.0",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:dell:alienware_x17_r1:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "8128EE9B-97C5-40A2-A7F6-8AE7E4D9D1E1",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:dell:alienware_x17_r2_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "07378EE2-F446-4E05-A6C3-42532865C664",
                     versionEndExcluding: "1.20.0",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:dell:alienware_x17_r2:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "4C0272BD-DAFD-47EC-9B70-F72B686032B8",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:dell:aurora_r16_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "F084A15D-0C77-4AC7-A2E8-CCE5B638C968",
                     versionEndExcluding: "2.7.0",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:dell:aurora_r16:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "D6A86161-7209-4DC6-9315-66C37C1807DA",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:dell:inspiron_15_3510_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "2CB354C9-725F-41D3-A514-C61D1E2C6DD9",
                     versionEndExcluding: "1.19.0",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:dell:inspiron_15_3510:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "F9B4D72F-BF7F-4AE3-825E-394DF12F0482",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:dell:inspiron_15_352_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "AF372BE7-5B95-4DF7-A85A-22B92D3931BF",
                     versionEndExcluding: "1.14.0",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:dell:inspiron_15_352:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "807B8FFB-4AB1-43B3-B2E6-BA53D1244437",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:dell:inspiron_3502_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "36119F09-7608-4DD7-A5BC-297D015F9FE8",
                     versionEndExcluding: "1.16.0",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:dell:inspiron_3502:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "52628A84-FEE1-4194-A13F-4139A3A0AE9F",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:dell:xps_8950_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "54398C42-AD80-4365-8F44-F3B6F44D33F5",
                     versionEndExcluding: "1.19.0",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:dell:xps_8950:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "5944D668-16F9-4098-A99E-811F02C65B2A",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:dell:xps_8960_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "4C42BB7D-2380-4FA9-8C5C-FE0F594B3A7F",
                     versionEndExcluding: "2.6.0",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:dell:xps_8960:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "E75E14FE-EDC4-43F8-960C-F135EDFFBDCB",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
   ],
   cveTags: [],
   descriptions: [
      {
         lang: "en",
         value: "Dell Client Platform BIOS contains an Improper Input Validation vulnerability in an externally developed component. A high privileged attacker with local access could potentially exploit this vulnerability, leading to Code execution.",
      },
      {
         lang: "es",
         value: "Dell Client Platform BIOS contiene una vulnerabilidad de validación de entrada incorrecta en un componente desarrollado externamente. Un atacante con privilegios elevados y acceso local podría explotar esta vulnerabilidad y provocar la ejecución del código.",
      },
   ],
   id: "CVE-2024-32860",
   lastModified: "2024-11-21T09:15:52.723",
   metrics: {
      cvssMetricV31: [
         {
            cvssData: {
               attackComplexity: "HIGH",
               attackVector: "LOCAL",
               availabilityImpact: "HIGH",
               baseScore: 7.5,
               baseSeverity: "HIGH",
               confidentialityImpact: "HIGH",
               integrityImpact: "HIGH",
               privilegesRequired: "HIGH",
               scope: "CHANGED",
               userInteraction: "NONE",
               vectorString: "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H",
               version: "3.1",
            },
            exploitabilityScore: 0.8,
            impactScore: 6,
            source: "security_alert@emc.com",
            type: "Secondary",
         },
         {
            cvssData: {
               attackComplexity: "LOW",
               attackVector: "LOCAL",
               availabilityImpact: "HIGH",
               baseScore: 8.2,
               baseSeverity: "HIGH",
               confidentialityImpact: "HIGH",
               integrityImpact: "HIGH",
               privilegesRequired: "HIGH",
               scope: "CHANGED",
               userInteraction: "NONE",
               vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H",
               version: "3.1",
            },
            exploitabilityScore: 1.5,
            impactScore: 6,
            source: "nvd@nist.gov",
            type: "Primary",
         },
      ],
   },
   published: "2024-06-13T13:15:49.517",
   references: [
      {
         source: "security_alert@emc.com",
         tags: [
            "Vendor Advisory",
         ],
         url: "https://www.dell.com/support/kbdoc/en-us/000223440/dsa-2024-125",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Vendor Advisory",
         ],
         url: "https://www.dell.com/support/kbdoc/en-us/000223440/dsa-2024-125",
      },
   ],
   sourceIdentifier: "security_alert@emc.com",
   vulnStatus: "Modified",
   weaknesses: [
      {
         description: [
            {
               lang: "en",
               value: "CWE-20",
            },
         ],
         source: "security_alert@emc.com",
         type: "Secondary",
      },
      {
         description: [
            {
               lang: "en",
               value: "NVD-CWE-noinfo",
            },
         ],
         source: "nvd@nist.gov",
         type: "Primary",
      },
   ],
}

Vulnerability from fkie_nvd
Published
2024-06-13 13:15
Modified
2024-11-21 09:15
Summary
Dell Client Platform BIOS contains an Improper Input Validation vulnerability in an externally developed component. A high privileged attacker with local access could potentially exploit this vulnerability, leading to Code execution.



{
   configurations: [
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:dell:xps_8960_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "4C42BB7D-2380-4FA9-8C5C-FE0F594B3A7F",
                     versionEndExcluding: "2.6.0",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:dell:xps_8960:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "E75E14FE-EDC4-43F8-960C-F135EDFFBDCB",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:dell:xps_8950_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "54398C42-AD80-4365-8F44-F3B6F44D33F5",
                     versionEndExcluding: "1.19.0",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:dell:xps_8950:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "5944D668-16F9-4098-A99E-811F02C65B2A",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:dell:inspiron_3502_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "36119F09-7608-4DD7-A5BC-297D015F9FE8",
                     versionEndExcluding: "1.16.0",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:dell:inspiron_3502:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "52628A84-FEE1-4194-A13F-4139A3A0AE9F",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:dell:inspiron_15_3521_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "2DFD29BF-F445-4A9B-9D50-827FE7587218",
                     versionEndExcluding: "1.14.0",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:dell:inspiron_15_3521:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "70AC0D33-2C41-4EA7-969B-A5B3519330AA",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:dell:inspiron_15_3510_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "2CB354C9-725F-41D3-A514-C61D1E2C6DD9",
                     versionEndExcluding: "1.19.0",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:dell:inspiron_15_3510:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "F9B4D72F-BF7F-4AE3-825E-394DF12F0482",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:dell:aurora_r16_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "F084A15D-0C77-4AC7-A2E8-CCE5B638C968",
                     versionEndExcluding: "2.7.0",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:dell:aurora_r16:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "D6A86161-7209-4DC6-9315-66C37C1807DA",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:dell:alienware_x17_r2_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "07378EE2-F446-4E05-A6C3-42532865C664",
                     versionEndExcluding: "1.20.0",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:dell:alienware_x17_r2:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "4C0272BD-DAFD-47EC-9B70-F72B686032B8",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:dell:alienware_x17_r1_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "E83B0E30-CFFB-4AFE-AF42-1475F14186E7",
                     versionEndExcluding: "1.22.0",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:dell:alienware_x17_r1:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "8128EE9B-97C5-40A2-A7F6-8AE7E4D9D1E1",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:dell:alienware_x15_r2_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "D9A38198-F80D-4D7C-B660-8B5B44C95751",
                     versionEndExcluding: "1.20.0",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:dell:alienware_x15_r2:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "A254E353-E519-401F-8657-76C7625F9A0C",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:dell:alienware_x15_r1_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "002D9A38-2618-4896-B0BA-AC18CAF41253",
                     versionEndExcluding: "1.22.0",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:dell:alienware_x15_r1:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "B5BC0BF5-9D20-43DB-BF65-F2D2E8EC6970",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:dell:alienware_x14_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "9F1AD900-16EC-4315-83A6-A2CB22E6E185",
                     versionEndExcluding: "1.18.0",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:dell:alienware_x14:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "05928944-E647-4A4D-AEA1-B67804BC7DB5",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:dell:alienware_m17_r4_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "B2380D6A-4E39-423D-9565-E8406AF99E86",
                     versionEndExcluding: "1.21.0",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:dell:alienware_m17_r4:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "C631E678-90F0-4DB2-8AB8-7378EC32FAC0",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:dell:alienware_m17_r3_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "626441E2-E195-4E18-B5CF-093CE2706827",
                     versionEndExcluding: "1.27.0",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:dell:alienware_m17_r3:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "EF7B8EAD-E6FD-4CCE-9CE8-605A3BF3357A",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:dell:alienware_m15_r4_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "32A341BF-9651-47F1-8CE4-8AF991AD8CEF",
                     versionEndExcluding: "1.21.0",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:dell:alienware_m15_r4:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "B084185F-1C0D-47D9-9F72-A79095462428",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:dell:alienware_m15_r3_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "CBC6538F-95F5-411B-9AEE-E330D33F765E",
                     versionEndExcluding: "1.27.0",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:dell:alienware_m15_r3:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "FCCE762E-FB6C-4493-A21F-347DE5CB57E0",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:dell:alienware_aurora_ryzen_edition_r14_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "2C2FE0D4-FEFE-4E9D-BFCA-5EAC643E47A1",
                     versionEndExcluding: "2.18.0",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:dell:alienware_aurora_ryzen_edition_r14:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "66B64687-CF02-414E-B961-84A011DC49E6",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:dell:alienware_aurora_r15_amd_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "34DF7BEA-2EF9-47A8-965D-C045C793F834",
                     versionEndExcluding: "1.13.0",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:dell:alienware_aurora_r15_amd:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "503027CC-7D9B-4F00-9728-48C12B18BD7B",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:dell:alienware_aurora_r15_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "AB53C84B-F912-4BBF-B7B1-D2361E4B6E1A",
                     versionEndExcluding: "1.12.0",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:dell:alienware_aurora_r15:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "2943649A-0559-4184-AE43-B6FCEDF3BF98",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:dell:alienware_aurora_r13_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "DF07E3CF-0029-429F-84CA-C50CEF591176",
                     versionEndExcluding: "1.19.0",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:dell:alienware_aurora_r13:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "486DCCF7-79D9-45C1-8CBD-26FB78705F91",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:dell:alienware_aurora_r12_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "6D3892D1-FA31-4E08-8C4A-B233A7E6166E",
                     versionEndExcluding: "1.1.25",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:dell:alienware_aurora_r12:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "6F0C34FD-6A6D-43BF-B548-13D57532AF8C",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:dell:alienware_aurora_r11_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "09B0F2CD-223E-4C11-896E-E0D2AED3D7CA",
                     versionEndExcluding: "1.0.24",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:dell:alienware_aurora_r11:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "4C32F25E-2F1F-409D-85DF-15CCAB423DD5",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:dell:alienware_aurora_r10_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "C1C7E4EF-A5CE-479F-8FBC-A79920726D51",
                     versionEndExcluding: "2.8.0",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:dell:alienware_aurora_r10:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "D1B5E1A2-3F3B-42AF-93ED-01ABF2763BC6",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:dell:alienware_area_51m_r2_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "6D3E1671-D766-4BEE-A382-3F9950540382",
                     versionEndExcluding: "1.26.0",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:dell:alienware_area_51m_r2:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "D355D92F-71AB-4D6D-9D3D-85A0BF4133E5",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
   ],
   cveTags: [],
   descriptions: [
      {
         lang: "en",
         value: "Dell Client Platform BIOS contains an Improper Input Validation vulnerability in an externally developed component. A high privileged attacker with local access could potentially exploit this vulnerability, leading to Code execution.",
      },
      {
         lang: "es",
         value: "Dell Client Platform BIOS contiene una vulnerabilidad de validación de entrada incorrecta en un componente desarrollado externamente. Un atacante con privilegios elevados y acceso local podría explotar esta vulnerabilidad y provocar la ejecución del código.",
      },
   ],
   id: "CVE-2024-32859",
   lastModified: "2024-11-21T09:15:52.540",
   metrics: {
      cvssMetricV31: [
         {
            cvssData: {
               attackComplexity: "HIGH",
               attackVector: "LOCAL",
               availabilityImpact: "HIGH",
               baseScore: 7.5,
               baseSeverity: "HIGH",
               confidentialityImpact: "HIGH",
               integrityImpact: "HIGH",
               privilegesRequired: "HIGH",
               scope: "CHANGED",
               userInteraction: "NONE",
               vectorString: "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H",
               version: "3.1",
            },
            exploitabilityScore: 0.8,
            impactScore: 6,
            source: "security_alert@emc.com",
            type: "Secondary",
         },
         {
            cvssData: {
               attackComplexity: "LOW",
               attackVector: "LOCAL",
               availabilityImpact: "HIGH",
               baseScore: 8.2,
               baseSeverity: "HIGH",
               confidentialityImpact: "HIGH",
               integrityImpact: "HIGH",
               privilegesRequired: "HIGH",
               scope: "CHANGED",
               userInteraction: "NONE",
               vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H",
               version: "3.1",
            },
            exploitabilityScore: 1.5,
            impactScore: 6,
            source: "nvd@nist.gov",
            type: "Primary",
         },
      ],
   },
   published: "2024-06-13T13:15:49.210",
   references: [
      {
         source: "security_alert@emc.com",
         tags: [
            "Vendor Advisory",
         ],
         url: "https://www.dell.com/support/kbdoc/en-us/000223439/dsa-2024-124",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Vendor Advisory",
         ],
         url: "https://www.dell.com/support/kbdoc/en-us/000223439/dsa-2024-124",
      },
   ],
   sourceIdentifier: "security_alert@emc.com",
   vulnStatus: "Modified",
   weaknesses: [
      {
         description: [
            {
               lang: "en",
               value: "CWE-20",
            },
         ],
         source: "security_alert@emc.com",
         type: "Secondary",
      },
      {
         description: [
            {
               lang: "en",
               value: "NVD-CWE-noinfo",
            },
         ],
         source: "nvd@nist.gov",
         type: "Primary",
      },
   ],
}

Vulnerability from fkie_nvd
Published
2024-06-13 13:15
Modified
2024-11-21 09:15
Summary
Dell Client Platform BIOS contains an Improper Input Validation vulnerability in an externally developed component. A high privileged attacker with local access could potentially exploit this vulnerability, leading to Code execution.



{
   configurations: [
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:dell:xps_8960_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "4C42BB7D-2380-4FA9-8C5C-FE0F594B3A7F",
                     versionEndExcluding: "2.6.0",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:dell:xps_8960:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "E75E14FE-EDC4-43F8-960C-F135EDFFBDCB",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:dell:xps_8950_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "54398C42-AD80-4365-8F44-F3B6F44D33F5",
                     versionEndExcluding: "1.19.0",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:dell:xps_8950:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "5944D668-16F9-4098-A99E-811F02C65B2A",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:dell:inspiron_3502_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "36119F09-7608-4DD7-A5BC-297D015F9FE8",
                     versionEndExcluding: "1.16.0",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:dell:inspiron_3502:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "52628A84-FEE1-4194-A13F-4139A3A0AE9F",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:dell:inspiron_15_3521_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "2DFD29BF-F445-4A9B-9D50-827FE7587218",
                     versionEndExcluding: "1.14.0",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:dell:inspiron_15_3521:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "70AC0D33-2C41-4EA7-969B-A5B3519330AA",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:dell:inspiron_15_3510_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "2CB354C9-725F-41D3-A514-C61D1E2C6DD9",
                     versionEndExcluding: "1.19.0",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:dell:inspiron_15_3510:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "F9B4D72F-BF7F-4AE3-825E-394DF12F0482",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:dell:aurora_r16_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "F084A15D-0C77-4AC7-A2E8-CCE5B638C968",
                     versionEndExcluding: "2.7.0",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:dell:aurora_r16:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "D6A86161-7209-4DC6-9315-66C37C1807DA",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:dell:alienware_x17_r2_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "07378EE2-F446-4E05-A6C3-42532865C664",
                     versionEndExcluding: "1.20.0",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:dell:alienware_x17_r2:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "4C0272BD-DAFD-47EC-9B70-F72B686032B8",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:dell:alienware_x17_r1_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "E83B0E30-CFFB-4AFE-AF42-1475F14186E7",
                     versionEndExcluding: "1.22.0",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:dell:alienware_x17_r1:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "8128EE9B-97C5-40A2-A7F6-8AE7E4D9D1E1",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:dell:alienware_x15_r2_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "D9A38198-F80D-4D7C-B660-8B5B44C95751",
                     versionEndExcluding: "1.20.0",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:dell:alienware_x15_r2:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "A254E353-E519-401F-8657-76C7625F9A0C",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:dell:alienware_x15_r1_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "002D9A38-2618-4896-B0BA-AC18CAF41253",
                     versionEndExcluding: "1.22.0",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:dell:alienware_x15_r1:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "B5BC0BF5-9D20-43DB-BF65-F2D2E8EC6970",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:dell:alienware_x14_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "9F1AD900-16EC-4315-83A6-A2CB22E6E185",
                     versionEndExcluding: "1.18.0",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:dell:alienware_x14:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "05928944-E647-4A4D-AEA1-B67804BC7DB5",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:dell:alienware_m17_r4_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "B2380D6A-4E39-423D-9565-E8406AF99E86",
                     versionEndExcluding: "1.21.0",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:dell:alienware_m17_r4:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "C631E678-90F0-4DB2-8AB8-7378EC32FAC0",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:dell:alienware_m17_r3_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "626441E2-E195-4E18-B5CF-093CE2706827",
                     versionEndExcluding: "1.27.0",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:dell:alienware_m17_r3:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "EF7B8EAD-E6FD-4CCE-9CE8-605A3BF3357A",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:dell:alienware_m15_r4_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "32A341BF-9651-47F1-8CE4-8AF991AD8CEF",
                     versionEndExcluding: "1.21.0",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:dell:alienware_m15_r4:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "B084185F-1C0D-47D9-9F72-A79095462428",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:dell:alienware_m15_r3_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "CBC6538F-95F5-411B-9AEE-E330D33F765E",
                     versionEndExcluding: "1.27.0",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:dell:alienware_m15_r3:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "FCCE762E-FB6C-4493-A21F-347DE5CB57E0",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:dell:alienware_aurora_ryzen_edition_r14_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "2C2FE0D4-FEFE-4E9D-BFCA-5EAC643E47A1",
                     versionEndExcluding: "2.18.0",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:dell:alienware_aurora_ryzen_edition_r14:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "66B64687-CF02-414E-B961-84A011DC49E6",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:dell:alienware_aurora_r15_amd_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "34DF7BEA-2EF9-47A8-965D-C045C793F834",
                     versionEndExcluding: "1.13.0",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:dell:alienware_aurora_r15_amd:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "503027CC-7D9B-4F00-9728-48C12B18BD7B",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:dell:alienware_aurora_r15_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "AB53C84B-F912-4BBF-B7B1-D2361E4B6E1A",
                     versionEndExcluding: "1.12.0",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:dell:alienware_aurora_r15:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "2943649A-0559-4184-AE43-B6FCEDF3BF98",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:dell:alienware_aurora_r13_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "DF07E3CF-0029-429F-84CA-C50CEF591176",
                     versionEndExcluding: "1.19.0",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:dell:alienware_aurora_r13:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "486DCCF7-79D9-45C1-8CBD-26FB78705F91",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:dell:alienware_aurora_r12_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "6D3892D1-FA31-4E08-8C4A-B233A7E6166E",
                     versionEndExcluding: "1.1.25",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:dell:alienware_aurora_r12:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "6F0C34FD-6A6D-43BF-B548-13D57532AF8C",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:dell:alienware_aurora_r11_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "09B0F2CD-223E-4C11-896E-E0D2AED3D7CA",
                     versionEndExcluding: "1.0.24",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:dell:alienware_aurora_r11:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "4C32F25E-2F1F-409D-85DF-15CCAB423DD5",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:dell:alienware_aurora_r10_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "C1C7E4EF-A5CE-479F-8FBC-A79920726D51",
                     versionEndExcluding: "2.8.0",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:dell:alienware_aurora_r10:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "D1B5E1A2-3F3B-42AF-93ED-01ABF2763BC6",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:dell:alienware_area_51m_r2_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "6D3E1671-D766-4BEE-A382-3F9950540382",
                     versionEndExcluding: "1.26.0",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:dell:alienware_area_51m_r2:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "D355D92F-71AB-4D6D-9D3D-85A0BF4133E5",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
   ],
   cveTags: [],
   descriptions: [
      {
         lang: "en",
         value: "Dell Client Platform BIOS contains an Improper Input Validation vulnerability in an externally developed component. A high privileged attacker with local access could potentially exploit this vulnerability, leading to Code execution.",
      },
      {
         lang: "es",
         value: "Dell Client Platform BIOS contiene una vulnerabilidad de validación de entrada incorrecta en un componente desarrollado externamente. Un atacante con privilegios elevados y acceso local podría explotar esta vulnerabilidad y provocar la ejecución del código.",
      },
   ],
   id: "CVE-2024-32858",
   lastModified: "2024-11-21T09:15:52.360",
   metrics: {
      cvssMetricV31: [
         {
            cvssData: {
               attackComplexity: "HIGH",
               attackVector: "LOCAL",
               availabilityImpact: "HIGH",
               baseScore: 7.5,
               baseSeverity: "HIGH",
               confidentialityImpact: "HIGH",
               integrityImpact: "HIGH",
               privilegesRequired: "HIGH",
               scope: "CHANGED",
               userInteraction: "NONE",
               vectorString: "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H",
               version: "3.1",
            },
            exploitabilityScore: 0.8,
            impactScore: 6,
            source: "security_alert@emc.com",
            type: "Secondary",
         },
         {
            cvssData: {
               attackComplexity: "LOW",
               attackVector: "LOCAL",
               availabilityImpact: "HIGH",
               baseScore: 8.2,
               baseSeverity: "HIGH",
               confidentialityImpact: "HIGH",
               integrityImpact: "HIGH",
               privilegesRequired: "HIGH",
               scope: "CHANGED",
               userInteraction: "NONE",
               vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H",
               version: "3.1",
            },
            exploitabilityScore: 1.5,
            impactScore: 6,
            source: "nvd@nist.gov",
            type: "Primary",
         },
      ],
   },
   published: "2024-06-13T13:15:48.833",
   references: [
      {
         source: "security_alert@emc.com",
         tags: [
            "Vendor Advisory",
         ],
         url: "https://www.dell.com/support/kbdoc/en-us/000223439/dsa-2024-124",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Vendor Advisory",
         ],
         url: "https://www.dell.com/support/kbdoc/en-us/000223439/dsa-2024-124",
      },
   ],
   sourceIdentifier: "security_alert@emc.com",
   vulnStatus: "Modified",
   weaknesses: [
      {
         description: [
            {
               lang: "en",
               value: "CWE-20",
            },
         ],
         source: "security_alert@emc.com",
         type: "Secondary",
      },
      {
         description: [
            {
               lang: "en",
               value: "NVD-CWE-noinfo",
            },
         ],
         source: "nvd@nist.gov",
         type: "Primary",
      },
   ],
}

Vulnerability from fkie_nvd
Published
2024-06-13 12:15
Modified
2024-11-21 09:15
Summary
Dell Client Platform BIOS contains an Improper Input Validation vulnerability in an externally developed component. A high privileged attacker with local access could potentially exploit this vulnerability, leading to Information disclosure.



{
   configurations: [
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:dell:xps_8960_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "4C42BB7D-2380-4FA9-8C5C-FE0F594B3A7F",
                     versionEndExcluding: "2.6.0",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:dell:xps_8960:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "E75E14FE-EDC4-43F8-960C-F135EDFFBDCB",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:dell:xps_8950_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "54398C42-AD80-4365-8F44-F3B6F44D33F5",
                     versionEndExcluding: "1.19.0",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:dell:xps_8950:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "5944D668-16F9-4098-A99E-811F02C65B2A",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:dell:inspiron_3502_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "36119F09-7608-4DD7-A5BC-297D015F9FE8",
                     versionEndExcluding: "1.16.0",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:dell:inspiron_3502:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "52628A84-FEE1-4194-A13F-4139A3A0AE9F",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:dell:inspiron_15_3521_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "2DFD29BF-F445-4A9B-9D50-827FE7587218",
                     versionEndExcluding: "1.14.0",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:dell:inspiron_15_3521:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "70AC0D33-2C41-4EA7-969B-A5B3519330AA",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:dell:inspiron_15_3510_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "2CB354C9-725F-41D3-A514-C61D1E2C6DD9",
                     versionEndExcluding: "1.19.0",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:dell:inspiron_15_3510:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "F9B4D72F-BF7F-4AE3-825E-394DF12F0482",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:dell:aurora_r16_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "F084A15D-0C77-4AC7-A2E8-CCE5B638C968",
                     versionEndExcluding: "2.7.0",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:dell:aurora_r16:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "D6A86161-7209-4DC6-9315-66C37C1807DA",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:dell:alienware_x17_r2_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "07378EE2-F446-4E05-A6C3-42532865C664",
                     versionEndExcluding: "1.20.0",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:dell:alienware_x17_r2:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "4C0272BD-DAFD-47EC-9B70-F72B686032B8",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:dell:alienware_x17_r1_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "E83B0E30-CFFB-4AFE-AF42-1475F14186E7",
                     versionEndExcluding: "1.22.0",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:dell:alienware_x17_r1:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "8128EE9B-97C5-40A2-A7F6-8AE7E4D9D1E1",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:dell:alienware_x15_r2_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "D9A38198-F80D-4D7C-B660-8B5B44C95751",
                     versionEndExcluding: "1.20.0",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:dell:alienware_x15_r2:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "A254E353-E519-401F-8657-76C7625F9A0C",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:dell:alienware_x15_r1_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "002D9A38-2618-4896-B0BA-AC18CAF41253",
                     versionEndExcluding: "1.22.0",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:dell:alienware_x15_r1:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "B5BC0BF5-9D20-43DB-BF65-F2D2E8EC6970",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:dell:alienware_x14_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "9F1AD900-16EC-4315-83A6-A2CB22E6E185",
                     versionEndExcluding: "1.18.0",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:dell:alienware_x14:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "05928944-E647-4A4D-AEA1-B67804BC7DB5",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:dell:alienware_m17_r4_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "B2380D6A-4E39-423D-9565-E8406AF99E86",
                     versionEndExcluding: "1.21.0",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:dell:alienware_m17_r4:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "C631E678-90F0-4DB2-8AB8-7378EC32FAC0",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:dell:alienware_m17_r3_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "626441E2-E195-4E18-B5CF-093CE2706827",
                     versionEndExcluding: "1.27.0",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:dell:alienware_m17_r3:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "EF7B8EAD-E6FD-4CCE-9CE8-605A3BF3357A",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:dell:alienware_m15_r4_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "32A341BF-9651-47F1-8CE4-8AF991AD8CEF",
                     versionEndExcluding: "1.21.0",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:dell:alienware_m15_r4:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "B084185F-1C0D-47D9-9F72-A79095462428",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:dell:alienware_m15_r3_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "CBC6538F-95F5-411B-9AEE-E330D33F765E",
                     versionEndExcluding: "1.27.0",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:dell:alienware_m15_r3:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "FCCE762E-FB6C-4493-A21F-347DE5CB57E0",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:dell:alienware_aurora_ryzen_edition_r14_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "2C2FE0D4-FEFE-4E9D-BFCA-5EAC643E47A1",
                     versionEndExcluding: "2.18.0",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:dell:alienware_aurora_ryzen_edition_r14:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "66B64687-CF02-414E-B961-84A011DC49E6",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:dell:alienware_aurora_r15_amd_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "34DF7BEA-2EF9-47A8-965D-C045C793F834",
                     versionEndExcluding: "1.13.0",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:dell:alienware_aurora_r15_amd:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "503027CC-7D9B-4F00-9728-48C12B18BD7B",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:dell:alienware_aurora_r15_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "AB53C84B-F912-4BBF-B7B1-D2361E4B6E1A",
                     versionEndExcluding: "1.12.0",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:dell:alienware_aurora_r15:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "2943649A-0559-4184-AE43-B6FCEDF3BF98",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:dell:alienware_aurora_r13_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "DF07E3CF-0029-429F-84CA-C50CEF591176",
                     versionEndExcluding: "1.19.0",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:dell:alienware_aurora_r13:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "486DCCF7-79D9-45C1-8CBD-26FB78705F91",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:dell:alienware_aurora_r12_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "6D3892D1-FA31-4E08-8C4A-B233A7E6166E",
                     versionEndExcluding: "1.1.25",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:dell:alienware_aurora_r12:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "6F0C34FD-6A6D-43BF-B548-13D57532AF8C",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:dell:alienware_aurora_r11_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "09B0F2CD-223E-4C11-896E-E0D2AED3D7CA",
                     versionEndExcluding: "1.0.24",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:dell:alienware_aurora_r11:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "4C32F25E-2F1F-409D-85DF-15CCAB423DD5",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:dell:alienware_aurora_r10_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "C1C7E4EF-A5CE-479F-8FBC-A79920726D51",
                     versionEndExcluding: "2.8.0",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:dell:alienware_aurora_r10:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "D1B5E1A2-3F3B-42AF-93ED-01ABF2763BC6",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:dell:alienware_area_51m_r2_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "6D3E1671-D766-4BEE-A382-3F9950540382",
                     versionEndExcluding: "1.26.0",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:dell:alienware_area_51m_r2:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "D355D92F-71AB-4D6D-9D3D-85A0BF4133E5",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
   ],
   cveTags: [],
   descriptions: [
      {
         lang: "en",
         value: "Dell Client Platform BIOS contains an Improper Input Validation vulnerability in an externally developed component. A high privileged attacker with local access could potentially exploit this vulnerability, leading to Information disclosure.",
      },
      {
         lang: "es",
         value: "Dell Client Platform BIOS contiene una vulnerabilidad de validación de entrada incorrecta en un componente desarrollado externamente. Un atacante con privilegios elevados y acceso local podría explotar esta vulnerabilidad y provocar la divulgación de información.",
      },
   ],
   id: "CVE-2024-32856",
   lastModified: "2024-11-21T09:15:52.000",
   metrics: {
      cvssMetricV31: [
         {
            cvssData: {
               attackComplexity: "LOW",
               attackVector: "LOCAL",
               availabilityImpact: "LOW",
               baseScore: 5.1,
               baseSeverity: "MEDIUM",
               confidentialityImpact: "NONE",
               integrityImpact: "HIGH",
               privilegesRequired: "HIGH",
               scope: "UNCHANGED",
               userInteraction: "NONE",
               vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:L",
               version: "3.1",
            },
            exploitabilityScore: 0.8,
            impactScore: 4.2,
            source: "security_alert@emc.com",
            type: "Secondary",
         },
         {
            cvssData: {
               attackComplexity: "LOW",
               attackVector: "LOCAL",
               availabilityImpact: "NONE",
               baseScore: 6,
               baseSeverity: "MEDIUM",
               confidentialityImpact: "HIGH",
               integrityImpact: "NONE",
               privilegesRequired: "HIGH",
               scope: "CHANGED",
               userInteraction: "NONE",
               vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:N",
               version: "3.1",
            },
            exploitabilityScore: 1.5,
            impactScore: 4,
            source: "nvd@nist.gov",
            type: "Primary",
         },
      ],
   },
   published: "2024-06-13T12:15:10.647",
   references: [
      {
         source: "security_alert@emc.com",
         tags: [
            "Vendor Advisory",
         ],
         url: "https://www.dell.com/support/kbdoc/en-us/000221745/dsa-2024-067",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Vendor Advisory",
         ],
         url: "https://www.dell.com/support/kbdoc/en-us/000221745/dsa-2024-067",
      },
   ],
   sourceIdentifier: "security_alert@emc.com",
   vulnStatus: "Modified",
   weaknesses: [
      {
         description: [
            {
               lang: "en",
               value: "CWE-20",
            },
         ],
         source: "security_alert@emc.com",
         type: "Secondary",
      },
      {
         description: [
            {
               lang: "en",
               value: "NVD-CWE-noinfo",
            },
         ],
         source: "nvd@nist.gov",
         type: "Primary",
      },
   ],
}

Vulnerability from fkie_nvd
Published
2024-08-28 06:15
Modified
2024-12-20 14:38
Summary
Dell Client Platform BIOS contains a Use of Default Cryptographic Key Vulnerability. A high privileged attacker with local access could potentially exploit this vulnerability, leading to Secure Boot bypass and arbitrary code execution.



{
   configurations: [
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:dell:xps_8960_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "79481B8B-33AB-4BBB-8959-A1EE16ABC3EE",
                     versionEndExcluding: "2.12.0",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:dell:xps_8960:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "E75E14FE-EDC4-43F8-960C-F135EDFFBDCB",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:dell:xps_8950_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "58CB653C-AD62-4804-B93A-D378241D07EB",
                     versionEndExcluding: "1.21.0",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:dell:xps_8950:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "5944D668-16F9-4098-A99E-811F02C65B2A",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:dell:inspiron_3502_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "20D81C5D-B1AB-44C8-B3EC-5035124D5BF0",
                     versionEndExcluding: "1.18.0",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:dell:inspiron_3502:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "52628A84-FEE1-4194-A13F-4139A3A0AE9F",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:dell:inspiron_15_3521_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "D6743728-79B1-44FC-B50A-8EC2BAB0A177",
                     versionEndExcluding: "1.16.0",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:dell:inspiron_15_3521:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "70AC0D33-2C41-4EA7-969B-A5B3519330AA",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:dell:inspiron_15_3510_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "EAFD9070-F917-456F-8C63-0BAD08363A22",
                     versionEndExcluding: "1.21.0",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:dell:inspiron_15_3510:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "F9B4D72F-BF7F-4AE3-825E-394DF12F0482",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:dell:aurora_r16_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "1397546E-8CB7-4E88-988B-4C73B18FB2A3",
                     versionEndExcluding: "2.13.0",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:dell:aurora_r16:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "D6A86161-7209-4DC6-9315-66C37C1807DA",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:dell:alienware_x17_r2_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "95EA4B9E-1636-4E67-A3FA-8EF38C2E5ACE",
                     versionEndExcluding: "1.22.0",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:dell:alienware_x17_r2:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "4C0272BD-DAFD-47EC-9B70-F72B686032B8",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:dell:alienware_x17_r1_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "1BC45F6C-9DC9-4E2F-9C3E-3E71E62937B2",
                     versionEndExcluding: "1.24.0",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:dell:alienware_x17_r1:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "8128EE9B-97C5-40A2-A7F6-8AE7E4D9D1E1",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:dell:alienware_x15_r2_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "601B48A2-B0C3-4D9F-9D83-A4818222A756",
                     versionEndExcluding: "1.22.0",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:dell:alienware_x15_r2:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "A254E353-E519-401F-8657-76C7625F9A0C",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:dell:alienware_x15_r1_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "EB2F00DB-6932-4D0F-A6F8-36A9ABA8138A",
                     versionEndExcluding: "1.24.0",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:dell:alienware_x15_r1:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "B5BC0BF5-9D20-43DB-BF65-F2D2E8EC6970",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:dell:alienware_x14_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "B25E8327-AE8B-49CD-9167-B2967E40F17C",
                     versionEndExcluding: "1.21.0",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:dell:alienware_x14:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "05928944-E647-4A4D-AEA1-B67804BC7DB5",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:dell:alienware_m17_r4_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "DB44CD60-EF6C-47A4-98CF-37D59157FD91",
                     versionEndExcluding: "1.24.0",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:dell:alienware_m17_r4:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "C631E678-90F0-4DB2-8AB8-7378EC32FAC0",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:dell:alienware_m17_r3_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "5FFFE6D4-B453-4D27-8A3F-9CE9A2B5B1AD",
                     versionEndExcluding: "1.29.0",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:dell:alienware_m17_r3:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "EF7B8EAD-E6FD-4CCE-9CE8-605A3BF3357A",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:dell:alienware_m15_r4_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "D35312EA-BE2C-45E1-B86D-676F64AAF4F0",
                     versionEndExcluding: "1.24.0",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:dell:alienware_m15_r4:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "B084185F-1C0D-47D9-9F72-A79095462428",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:dell:alienware_m15_r3_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "D224BFF9-3D06-4291-8EBE-7DEDAC24FA94",
                     versionEndExcluding: "1.29.0",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:dell:alienware_m15_r3:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "FCCE762E-FB6C-4493-A21F-347DE5CB57E0",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:dell:alienware_aurora_ryzen_edition_r14_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "1CE5B200-E6D3-41D1-9280-7FF6C8026B9E",
                     versionEndExcluding: "2.19.1",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:dell:alienware_aurora_ryzen_edition_r14:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "66B64687-CF02-414E-B961-84A011DC49E6",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:dell:alienware_aurora_r15_amd_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "FAB4E70B-69EC-4275-8C46-A2B22C5B1156",
                     versionEndExcluding: "1.15.0",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:dell:alienware_aurora_r15_amd:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "503027CC-7D9B-4F00-9728-48C12B18BD7B",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:dell:alienware_aurora_r15_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "9F1B4BFA-3EDC-441D-8F28-FAA1B75A3E74",
                     versionEndExcluding: "1.17.0",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:dell:alienware_aurora_r15:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "2943649A-0559-4184-AE43-B6FCEDF3BF98",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:dell:alienware_aurora_r13_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "16B7FB3C-5A40-454F-8E45-6099758C222F",
                     versionEndExcluding: "1.21.0",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:dell:alienware_aurora_r13:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "486DCCF7-79D9-45C1-8CBD-26FB78705F91",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:dell:alienware_area_51m_r2_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "64B4373D-14E6-4915-B42F-4515E4801AEA",
                     versionEndExcluding: "1.29.0",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:dell:alienware_area_51m_r2:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "D355D92F-71AB-4D6D-9D3D-85A0BF4133E5",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
   ],
   cveTags: [],
   descriptions: [
      {
         lang: "en",
         value: "Dell Client Platform BIOS contains a Use of Default Cryptographic Key Vulnerability.  A high privileged attacker with local access could potentially exploit this vulnerability, leading to Secure Boot bypass and arbitrary code execution.",
      },
      {
         lang: "es",
         value: "Dell Client Platform BIOS contiene una vulnerabilidad de uso de clave criptográfica predeterminada. Un atacante con privilegios elevados y acceso local podría explotar esta vulnerabilidad, lo que provocaría una omisión del arranque seguro y la ejecución de código arbitrario.",
      },
   ],
   id: "CVE-2024-39584",
   lastModified: "2024-12-20T14:38:16.543",
   metrics: {
      cvssMetricV31: [
         {
            cvssData: {
               attackComplexity: "LOW",
               attackVector: "LOCAL",
               availabilityImpact: "HIGH",
               baseScore: 8.2,
               baseSeverity: "HIGH",
               confidentialityImpact: "HIGH",
               integrityImpact: "HIGH",
               privilegesRequired: "HIGH",
               scope: "CHANGED",
               userInteraction: "NONE",
               vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H",
               version: "3.1",
            },
            exploitabilityScore: 1.5,
            impactScore: 6,
            source: "security_alert@emc.com",
            type: "Secondary",
         },
         {
            cvssData: {
               attackComplexity: "LOW",
               attackVector: "LOCAL",
               availabilityImpact: "HIGH",
               baseScore: 8.2,
               baseSeverity: "HIGH",
               confidentialityImpact: "HIGH",
               integrityImpact: "HIGH",
               privilegesRequired: "HIGH",
               scope: "CHANGED",
               userInteraction: "NONE",
               vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H",
               version: "3.1",
            },
            exploitabilityScore: 1.5,
            impactScore: 6,
            source: "nvd@nist.gov",
            type: "Primary",
         },
      ],
   },
   published: "2024-08-28T06:15:05.607",
   references: [
      {
         source: "security_alert@emc.com",
         tags: [
            "Vendor Advisory",
         ],
         url: "https://www.dell.com/support/kbdoc/en-us/000227594/dsa-2024-354",
      },
   ],
   sourceIdentifier: "security_alert@emc.com",
   vulnStatus: "Analyzed",
   weaknesses: [
      {
         description: [
            {
               lang: "en",
               value: "CWE-1392",
            },
         ],
         source: "security_alert@emc.com",
         type: "Secondary",
      },
      {
         description: [
            {
               lang: "en",
               value: "NVD-CWE-Other",
            },
         ],
         source: "nvd@nist.gov",
         type: "Primary",
      },
   ],
}