Vulnerability-Lookup - Search a vulnerability

Vulnerability from fkie_nvd

Published

2024-06-13 13:15

Modified

2024-11-21 09:15

Severity ?

7.5 (High) - CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H
8.2 (High) - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H

Summary

Dell Client Platform BIOS contains an Improper Input Validation vulnerability in an externally developed component. A high privileged attacker with local access could potentially exploit this vulnerability, leading to Code execution.

References

▼	URL	Tags
	security_alert@emc.com	https://www.dell.com/support/kbdoc/en-us/000223439/dsa-2024-124	Vendor Advisory
	af854a3a-2127-422b-91ae-364da2661108	https://www.dell.com/support/kbdoc/en-us/000223439/dsa-2024-124	Vendor Advisory

Impacted products

Vendor	Product	Version
dell	xps_8960_firmware	*
dell	xps_8960	-
dell	xps_8950_firmware	*
dell	xps_8950	-
dell	inspiron_3502_firmware	*
dell	inspiron_3502	-
dell	inspiron_15_3521_firmware	*
dell	inspiron_15_3521	-
dell	inspiron_15_3510_firmware	*
dell	inspiron_15_3510	-
dell	aurora_r16_firmware	*
dell	aurora_r16	-
dell	alienware_x17_r2_firmware	*
dell	alienware_x17_r2	-
dell	alienware_x17_r1_firmware	*
dell	alienware_x17_r1	-
dell	alienware_x15_r2_firmware	*
dell	alienware_x15_r2	-
dell	alienware_x15_r1_firmware	*
dell	alienware_x15_r1	-
dell	alienware_x14_firmware	*
dell	alienware_x14	-
dell	alienware_m17_r4_firmware	*
dell	alienware_m17_r4	-
dell	alienware_m17_r3_firmware	*
dell	alienware_m17_r3	-
dell	alienware_m15_r4_firmware	*
dell	alienware_m15_r4	-
dell	alienware_m15_r3_firmware	*
dell	alienware_m15_r3	-
dell	alienware_aurora_ryzen_edition_r14_firmware	*
dell	alienware_aurora_ryzen_edition_r14	-
dell	alienware_aurora_r15_amd_firmware	*
dell	alienware_aurora_r15_amd	-
dell	alienware_aurora_r15_firmware	*
dell	alienware_aurora_r15	-
dell	alienware_aurora_r13_firmware	*
dell	alienware_aurora_r13	-
dell	alienware_aurora_r12_firmware	*
dell	alienware_aurora_r12	-
dell	alienware_aurora_r11_firmware	*
dell	alienware_aurora_r11	-
dell	alienware_aurora_r10_firmware	*
dell	alienware_aurora_r10	-
dell	alienware_area_51m_r2_firmware	*
dell	alienware_area_51m_r2	-

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:dell:xps_8960_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "4C42BB7D-2380-4FA9-8C5C-FE0F594B3A7F",
              "versionEndExcluding": "2.6.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:dell:xps_8960:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E75E14FE-EDC4-43F8-960C-F135EDFFBDCB",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:dell:xps_8950_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "54398C42-AD80-4365-8F44-F3B6F44D33F5",
              "versionEndExcluding": "1.19.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:dell:xps_8950:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5944D668-16F9-4098-A99E-811F02C65B2A",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:dell:inspiron_3502_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "36119F09-7608-4DD7-A5BC-297D015F9FE8",
              "versionEndExcluding": "1.16.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:dell:inspiron_3502:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "52628A84-FEE1-4194-A13F-4139A3A0AE9F",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:dell:inspiron_15_3521_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "2DFD29BF-F445-4A9B-9D50-827FE7587218",
              "versionEndExcluding": "1.14.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:dell:inspiron_15_3521:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "70AC0D33-2C41-4EA7-969B-A5B3519330AA",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:dell:inspiron_15_3510_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "2CB354C9-725F-41D3-A514-C61D1E2C6DD9",
              "versionEndExcluding": "1.19.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:dell:inspiron_15_3510:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F9B4D72F-BF7F-4AE3-825E-394DF12F0482",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:dell:aurora_r16_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "F084A15D-0C77-4AC7-A2E8-CCE5B638C968",
              "versionEndExcluding": "2.7.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:dell:aurora_r16:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D6A86161-7209-4DC6-9315-66C37C1807DA",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:dell:alienware_x17_r2_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "07378EE2-F446-4E05-A6C3-42532865C664",
              "versionEndExcluding": "1.20.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:dell:alienware_x17_r2:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "4C0272BD-DAFD-47EC-9B70-F72B686032B8",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:dell:alienware_x17_r1_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "E83B0E30-CFFB-4AFE-AF42-1475F14186E7",
              "versionEndExcluding": "1.22.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:dell:alienware_x17_r1:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "8128EE9B-97C5-40A2-A7F6-8AE7E4D9D1E1",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:dell:alienware_x15_r2_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "D9A38198-F80D-4D7C-B660-8B5B44C95751",
              "versionEndExcluding": "1.20.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:dell:alienware_x15_r2:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A254E353-E519-401F-8657-76C7625F9A0C",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:dell:alienware_x15_r1_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "002D9A38-2618-4896-B0BA-AC18CAF41253",
              "versionEndExcluding": "1.22.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:dell:alienware_x15_r1:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B5BC0BF5-9D20-43DB-BF65-F2D2E8EC6970",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:dell:alienware_x14_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "9F1AD900-16EC-4315-83A6-A2CB22E6E185",
              "versionEndExcluding": "1.18.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:dell:alienware_x14:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "05928944-E647-4A4D-AEA1-B67804BC7DB5",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:dell:alienware_m17_r4_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "B2380D6A-4E39-423D-9565-E8406AF99E86",
              "versionEndExcluding": "1.21.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:dell:alienware_m17_r4:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "C631E678-90F0-4DB2-8AB8-7378EC32FAC0",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:dell:alienware_m17_r3_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "626441E2-E195-4E18-B5CF-093CE2706827",
              "versionEndExcluding": "1.27.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:dell:alienware_m17_r3:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "EF7B8EAD-E6FD-4CCE-9CE8-605A3BF3357A",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:dell:alienware_m15_r4_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "32A341BF-9651-47F1-8CE4-8AF991AD8CEF",
              "versionEndExcluding": "1.21.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:dell:alienware_m15_r4:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B084185F-1C0D-47D9-9F72-A79095462428",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:dell:alienware_m15_r3_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "CBC6538F-95F5-411B-9AEE-E330D33F765E",
              "versionEndExcluding": "1.27.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:dell:alienware_m15_r3:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "FCCE762E-FB6C-4493-A21F-347DE5CB57E0",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:dell:alienware_aurora_ryzen_edition_r14_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "2C2FE0D4-FEFE-4E9D-BFCA-5EAC643E47A1",
              "versionEndExcluding": "2.18.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:dell:alienware_aurora_ryzen_edition_r14:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "66B64687-CF02-414E-B961-84A011DC49E6",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:dell:alienware_aurora_r15_amd_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "34DF7BEA-2EF9-47A8-965D-C045C793F834",
              "versionEndExcluding": "1.13.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:dell:alienware_aurora_r15_amd:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "503027CC-7D9B-4F00-9728-48C12B18BD7B",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:dell:alienware_aurora_r15_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "AB53C84B-F912-4BBF-B7B1-D2361E4B6E1A",
              "versionEndExcluding": "1.12.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:dell:alienware_aurora_r15:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "2943649A-0559-4184-AE43-B6FCEDF3BF98",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:dell:alienware_aurora_r13_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "DF07E3CF-0029-429F-84CA-C50CEF591176",
              "versionEndExcluding": "1.19.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:dell:alienware_aurora_r13:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "486DCCF7-79D9-45C1-8CBD-26FB78705F91",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:dell:alienware_aurora_r12_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "6D3892D1-FA31-4E08-8C4A-B233A7E6166E",
              "versionEndExcluding": "1.1.25",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:dell:alienware_aurora_r12:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "6F0C34FD-6A6D-43BF-B548-13D57532AF8C",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:dell:alienware_aurora_r11_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "09B0F2CD-223E-4C11-896E-E0D2AED3D7CA",
              "versionEndExcluding": "1.0.24",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:dell:alienware_aurora_r11:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "4C32F25E-2F1F-409D-85DF-15CCAB423DD5",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:dell:alienware_aurora_r10_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "C1C7E4EF-A5CE-479F-8FBC-A79920726D51",
              "versionEndExcluding": "2.8.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:dell:alienware_aurora_r10:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D1B5E1A2-3F3B-42AF-93ED-01ABF2763BC6",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:dell:alienware_area_51m_r2_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "6D3E1671-D766-4BEE-A382-3F9950540382",
              "versionEndExcluding": "1.26.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:dell:alienware_area_51m_r2:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D355D92F-71AB-4D6D-9D3D-85A0BF4133E5",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Dell Client Platform BIOS contains an Improper Input Validation vulnerability in an externally developed component. A high privileged attacker with local access could potentially exploit this vulnerability, leading to Code execution."
    },
    {
      "lang": "es",
      "value": "Dell Client Platform BIOS contiene una vulnerabilidad de validaci\u00f3n de entrada incorrecta en un componente desarrollado externamente. Un atacante con privilegios elevados y acceso local podr\u00eda explotar esta vulnerabilidad y provocar la ejecuci\u00f3n del c\u00f3digo."
    }
  ],
  "id": "CVE-2024-32859",
  "lastModified": "2024-11-21T09:15:52.540",
  "metrics": {
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "HIGH",
          "attackVector": "LOCAL",
          "availabilityImpact": "HIGH",
          "baseScore": 7.5,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "HIGH",
          "scope": "CHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 0.8,
        "impactScore": 6.0,
        "source": "security_alert@emc.com",
        "type": "Secondary"
      },
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "LOCAL",
          "availabilityImpact": "HIGH",
          "baseScore": 8.2,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "HIGH",
          "scope": "CHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 1.5,
        "impactScore": 6.0,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2024-06-13T13:15:49.210",
  "references": [
    {
      "source": "security_alert@emc.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://www.dell.com/support/kbdoc/en-us/000223439/dsa-2024-124"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://www.dell.com/support/kbdoc/en-us/000223439/dsa-2024-124"
    }
  ],
  "sourceIdentifier": "security_alert@emc.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-20"
        }
      ],
      "source": "security_alert@emc.com",
      "type": "Secondary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-noinfo"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2024-06-13 13:15

Modified

2024-11-21 09:15

Severity ?

7.5 (High) - CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H
8.2 (High) - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H

Summary

Dell Client Platform BIOS contains an Improper Input Validation vulnerability in an externally developed component. A high privileged attacker with local access could potentially exploit this vulnerability, leading to Code execution.

References

▼	URL	Tags
	security_alert@emc.com	https://www.dell.com/support/kbdoc/en-us/000223439/dsa-2024-124	Vendor Advisory
	af854a3a-2127-422b-91ae-364da2661108	https://www.dell.com/support/kbdoc/en-us/000223439/dsa-2024-124	Vendor Advisory

Impacted products

Vendor	Product	Version
dell	xps_8960_firmware	*
dell	xps_8960	-
dell	xps_8950_firmware	*
dell	xps_8950	-
dell	inspiron_3502_firmware	*
dell	inspiron_3502	-
dell	inspiron_15_3521_firmware	*
dell	inspiron_15_3521	-
dell	inspiron_15_3510_firmware	*
dell	inspiron_15_3510	-
dell	aurora_r16_firmware	*
dell	aurora_r16	-
dell	alienware_x17_r2_firmware	*
dell	alienware_x17_r2	-
dell	alienware_x17_r1_firmware	*
dell	alienware_x17_r1	-
dell	alienware_x15_r2_firmware	*
dell	alienware_x15_r2	-
dell	alienware_x15_r1_firmware	*
dell	alienware_x15_r1	-
dell	alienware_x14_firmware	*
dell	alienware_x14	-
dell	alienware_m17_r4_firmware	*
dell	alienware_m17_r4	-
dell	alienware_m17_r3_firmware	*
dell	alienware_m17_r3	-
dell	alienware_m15_r4_firmware	*
dell	alienware_m15_r4	-
dell	alienware_m15_r3_firmware	*
dell	alienware_m15_r3	-
dell	alienware_aurora_ryzen_edition_r14_firmware	*
dell	alienware_aurora_ryzen_edition_r14	-
dell	alienware_aurora_r15_amd_firmware	*
dell	alienware_aurora_r15_amd	-
dell	alienware_aurora_r15_firmware	*
dell	alienware_aurora_r15	-
dell	alienware_aurora_r13_firmware	*
dell	alienware_aurora_r13	-
dell	alienware_aurora_r12_firmware	*
dell	alienware_aurora_r12	-
dell	alienware_aurora_r11_firmware	*
dell	alienware_aurora_r11	-
dell	alienware_aurora_r10_firmware	*
dell	alienware_aurora_r10	-
dell	alienware_area_51m_r2_firmware	*
dell	alienware_area_51m_r2	-

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:dell:xps_8960_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "4C42BB7D-2380-4FA9-8C5C-FE0F594B3A7F",
              "versionEndExcluding": "2.6.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:dell:xps_8960:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E75E14FE-EDC4-43F8-960C-F135EDFFBDCB",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:dell:xps_8950_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "54398C42-AD80-4365-8F44-F3B6F44D33F5",
              "versionEndExcluding": "1.19.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:dell:xps_8950:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5944D668-16F9-4098-A99E-811F02C65B2A",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:dell:inspiron_3502_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "36119F09-7608-4DD7-A5BC-297D015F9FE8",
              "versionEndExcluding": "1.16.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:dell:inspiron_3502:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "52628A84-FEE1-4194-A13F-4139A3A0AE9F",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:dell:inspiron_15_3521_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "2DFD29BF-F445-4A9B-9D50-827FE7587218",
              "versionEndExcluding": "1.14.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:dell:inspiron_15_3521:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "70AC0D33-2C41-4EA7-969B-A5B3519330AA",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:dell:inspiron_15_3510_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "2CB354C9-725F-41D3-A514-C61D1E2C6DD9",
              "versionEndExcluding": "1.19.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:dell:inspiron_15_3510:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F9B4D72F-BF7F-4AE3-825E-394DF12F0482",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:dell:aurora_r16_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "F084A15D-0C77-4AC7-A2E8-CCE5B638C968",
              "versionEndExcluding": "2.7.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:dell:aurora_r16:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D6A86161-7209-4DC6-9315-66C37C1807DA",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:dell:alienware_x17_r2_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "07378EE2-F446-4E05-A6C3-42532865C664",
              "versionEndExcluding": "1.20.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:dell:alienware_x17_r2:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "4C0272BD-DAFD-47EC-9B70-F72B686032B8",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:dell:alienware_x17_r1_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "E83B0E30-CFFB-4AFE-AF42-1475F14186E7",
              "versionEndExcluding": "1.22.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:dell:alienware_x17_r1:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "8128EE9B-97C5-40A2-A7F6-8AE7E4D9D1E1",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:dell:alienware_x15_r2_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "D9A38198-F80D-4D7C-B660-8B5B44C95751",
              "versionEndExcluding": "1.20.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:dell:alienware_x15_r2:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A254E353-E519-401F-8657-76C7625F9A0C",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:dell:alienware_x15_r1_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "002D9A38-2618-4896-B0BA-AC18CAF41253",
              "versionEndExcluding": "1.22.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:dell:alienware_x15_r1:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B5BC0BF5-9D20-43DB-BF65-F2D2E8EC6970",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:dell:alienware_x14_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "9F1AD900-16EC-4315-83A6-A2CB22E6E185",
              "versionEndExcluding": "1.18.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:dell:alienware_x14:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "05928944-E647-4A4D-AEA1-B67804BC7DB5",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:dell:alienware_m17_r4_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "B2380D6A-4E39-423D-9565-E8406AF99E86",
              "versionEndExcluding": "1.21.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:dell:alienware_m17_r4:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "C631E678-90F0-4DB2-8AB8-7378EC32FAC0",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:dell:alienware_m17_r3_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "626441E2-E195-4E18-B5CF-093CE2706827",
              "versionEndExcluding": "1.27.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:dell:alienware_m17_r3:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "EF7B8EAD-E6FD-4CCE-9CE8-605A3BF3357A",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:dell:alienware_m15_r4_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "32A341BF-9651-47F1-8CE4-8AF991AD8CEF",
              "versionEndExcluding": "1.21.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:dell:alienware_m15_r4:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B084185F-1C0D-47D9-9F72-A79095462428",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:dell:alienware_m15_r3_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "CBC6538F-95F5-411B-9AEE-E330D33F765E",
              "versionEndExcluding": "1.27.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:dell:alienware_m15_r3:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "FCCE762E-FB6C-4493-A21F-347DE5CB57E0",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:dell:alienware_aurora_ryzen_edition_r14_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "2C2FE0D4-FEFE-4E9D-BFCA-5EAC643E47A1",
              "versionEndExcluding": "2.18.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:dell:alienware_aurora_ryzen_edition_r14:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "66B64687-CF02-414E-B961-84A011DC49E6",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:dell:alienware_aurora_r15_amd_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "34DF7BEA-2EF9-47A8-965D-C045C793F834",
              "versionEndExcluding": "1.13.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:dell:alienware_aurora_r15_amd:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "503027CC-7D9B-4F00-9728-48C12B18BD7B",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:dell:alienware_aurora_r15_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "AB53C84B-F912-4BBF-B7B1-D2361E4B6E1A",
              "versionEndExcluding": "1.12.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:dell:alienware_aurora_r15:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "2943649A-0559-4184-AE43-B6FCEDF3BF98",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:dell:alienware_aurora_r13_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "DF07E3CF-0029-429F-84CA-C50CEF591176",
              "versionEndExcluding": "1.19.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:dell:alienware_aurora_r13:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "486DCCF7-79D9-45C1-8CBD-26FB78705F91",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:dell:alienware_aurora_r12_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "6D3892D1-FA31-4E08-8C4A-B233A7E6166E",
              "versionEndExcluding": "1.1.25",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:dell:alienware_aurora_r12:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "6F0C34FD-6A6D-43BF-B548-13D57532AF8C",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:dell:alienware_aurora_r11_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "09B0F2CD-223E-4C11-896E-E0D2AED3D7CA",
              "versionEndExcluding": "1.0.24",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:dell:alienware_aurora_r11:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "4C32F25E-2F1F-409D-85DF-15CCAB423DD5",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:dell:alienware_aurora_r10_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "C1C7E4EF-A5CE-479F-8FBC-A79920726D51",
              "versionEndExcluding": "2.8.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:dell:alienware_aurora_r10:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D1B5E1A2-3F3B-42AF-93ED-01ABF2763BC6",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:dell:alienware_area_51m_r2_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "6D3E1671-D766-4BEE-A382-3F9950540382",
              "versionEndExcluding": "1.26.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:dell:alienware_area_51m_r2:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D355D92F-71AB-4D6D-9D3D-85A0BF4133E5",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Dell Client Platform BIOS contains an Improper Input Validation vulnerability in an externally developed component. A high privileged attacker with local access could potentially exploit this vulnerability, leading to Code execution."
    },
    {
      "lang": "es",
      "value": "Dell Client Platform BIOS contiene una vulnerabilidad de validaci\u00f3n de entrada incorrecta en un componente desarrollado externamente. Un atacante con privilegios elevados y acceso local podr\u00eda explotar esta vulnerabilidad y provocar la ejecuci\u00f3n del c\u00f3digo."
    }
  ],
  "id": "CVE-2024-32858",
  "lastModified": "2024-11-21T09:15:52.360",
  "metrics": {
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "HIGH",
          "attackVector": "LOCAL",
          "availabilityImpact": "HIGH",
          "baseScore": 7.5,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "HIGH",
          "scope": "CHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 0.8,
        "impactScore": 6.0,
        "source": "security_alert@emc.com",
        "type": "Secondary"
      },
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "LOCAL",
          "availabilityImpact": "HIGH",
          "baseScore": 8.2,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "HIGH",
          "scope": "CHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 1.5,
        "impactScore": 6.0,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2024-06-13T13:15:48.833",
  "references": [
    {
      "source": "security_alert@emc.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://www.dell.com/support/kbdoc/en-us/000223439/dsa-2024-124"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://www.dell.com/support/kbdoc/en-us/000223439/dsa-2024-124"
    }
  ],
  "sourceIdentifier": "security_alert@emc.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-20"
        }
      ],
      "source": "security_alert@emc.com",
      "type": "Secondary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-noinfo"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2024-06-13 12:15

Modified

2024-11-21 09:15

Severity ?

5.1 (Medium) - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:L
6.0 (Medium) - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:N

Summary

Dell Client Platform BIOS contains an Improper Input Validation vulnerability in an externally developed component. A high privileged attacker with local access could potentially exploit this vulnerability, leading to Information disclosure.

References

▼	URL	Tags
	security_alert@emc.com	https://www.dell.com/support/kbdoc/en-us/000221745/dsa-2024-067	Vendor Advisory
	af854a3a-2127-422b-91ae-364da2661108	https://www.dell.com/support/kbdoc/en-us/000221745/dsa-2024-067	Vendor Advisory

Impacted products

Vendor	Product	Version
dell	xps_8960_firmware	*
dell	xps_8960	-
dell	xps_8950_firmware	*
dell	xps_8950	-
dell	inspiron_3502_firmware	*
dell	inspiron_3502	-
dell	inspiron_15_3521_firmware	*
dell	inspiron_15_3521	-
dell	inspiron_15_3510_firmware	*
dell	inspiron_15_3510	-
dell	aurora_r16_firmware	*
dell	aurora_r16	-
dell	alienware_x17_r2_firmware	*
dell	alienware_x17_r2	-
dell	alienware_x17_r1_firmware	*
dell	alienware_x17_r1	-
dell	alienware_x15_r2_firmware	*
dell	alienware_x15_r2	-
dell	alienware_x15_r1_firmware	*
dell	alienware_x15_r1	-
dell	alienware_x14_firmware	*
dell	alienware_x14	-
dell	alienware_m17_r4_firmware	*
dell	alienware_m17_r4	-
dell	alienware_m17_r3_firmware	*
dell	alienware_m17_r3	-
dell	alienware_m15_r4_firmware	*
dell	alienware_m15_r4	-
dell	alienware_m15_r3_firmware	*
dell	alienware_m15_r3	-
dell	alienware_aurora_ryzen_edition_r14_firmware	*
dell	alienware_aurora_ryzen_edition_r14	-
dell	alienware_aurora_r15_amd_firmware	*
dell	alienware_aurora_r15_amd	-
dell	alienware_aurora_r15_firmware	*
dell	alienware_aurora_r15	-
dell	alienware_aurora_r13_firmware	*
dell	alienware_aurora_r13	-
dell	alienware_aurora_r12_firmware	*
dell	alienware_aurora_r12	-
dell	alienware_aurora_r11_firmware	*
dell	alienware_aurora_r11	-
dell	alienware_aurora_r10_firmware	*
dell	alienware_aurora_r10	-
dell	alienware_area_51m_r2_firmware	*
dell	alienware_area_51m_r2	-

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:dell:xps_8960_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "4C42BB7D-2380-4FA9-8C5C-FE0F594B3A7F",
              "versionEndExcluding": "2.6.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:dell:xps_8960:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E75E14FE-EDC4-43F8-960C-F135EDFFBDCB",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:dell:xps_8950_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "54398C42-AD80-4365-8F44-F3B6F44D33F5",
              "versionEndExcluding": "1.19.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:dell:xps_8950:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5944D668-16F9-4098-A99E-811F02C65B2A",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:dell:inspiron_3502_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "36119F09-7608-4DD7-A5BC-297D015F9FE8",
              "versionEndExcluding": "1.16.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:dell:inspiron_3502:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "52628A84-FEE1-4194-A13F-4139A3A0AE9F",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:dell:inspiron_15_3521_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "2DFD29BF-F445-4A9B-9D50-827FE7587218",
              "versionEndExcluding": "1.14.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:dell:inspiron_15_3521:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "70AC0D33-2C41-4EA7-969B-A5B3519330AA",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:dell:inspiron_15_3510_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "2CB354C9-725F-41D3-A514-C61D1E2C6DD9",
              "versionEndExcluding": "1.19.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:dell:inspiron_15_3510:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F9B4D72F-BF7F-4AE3-825E-394DF12F0482",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:dell:aurora_r16_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "F084A15D-0C77-4AC7-A2E8-CCE5B638C968",
              "versionEndExcluding": "2.7.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:dell:aurora_r16:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D6A86161-7209-4DC6-9315-66C37C1807DA",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:dell:alienware_x17_r2_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "07378EE2-F446-4E05-A6C3-42532865C664",
              "versionEndExcluding": "1.20.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:dell:alienware_x17_r2:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "4C0272BD-DAFD-47EC-9B70-F72B686032B8",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:dell:alienware_x17_r1_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "E83B0E30-CFFB-4AFE-AF42-1475F14186E7",
              "versionEndExcluding": "1.22.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:dell:alienware_x17_r1:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "8128EE9B-97C5-40A2-A7F6-8AE7E4D9D1E1",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:dell:alienware_x15_r2_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "D9A38198-F80D-4D7C-B660-8B5B44C95751",
              "versionEndExcluding": "1.20.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:dell:alienware_x15_r2:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A254E353-E519-401F-8657-76C7625F9A0C",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:dell:alienware_x15_r1_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "002D9A38-2618-4896-B0BA-AC18CAF41253",
              "versionEndExcluding": "1.22.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:dell:alienware_x15_r1:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B5BC0BF5-9D20-43DB-BF65-F2D2E8EC6970",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:dell:alienware_x14_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "9F1AD900-16EC-4315-83A6-A2CB22E6E185",
              "versionEndExcluding": "1.18.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:dell:alienware_x14:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "05928944-E647-4A4D-AEA1-B67804BC7DB5",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:dell:alienware_m17_r4_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "B2380D6A-4E39-423D-9565-E8406AF99E86",
              "versionEndExcluding": "1.21.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:dell:alienware_m17_r4:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "C631E678-90F0-4DB2-8AB8-7378EC32FAC0",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:dell:alienware_m17_r3_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "626441E2-E195-4E18-B5CF-093CE2706827",
              "versionEndExcluding": "1.27.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:dell:alienware_m17_r3:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "EF7B8EAD-E6FD-4CCE-9CE8-605A3BF3357A",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:dell:alienware_m15_r4_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "32A341BF-9651-47F1-8CE4-8AF991AD8CEF",
              "versionEndExcluding": "1.21.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:dell:alienware_m15_r4:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B084185F-1C0D-47D9-9F72-A79095462428",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:dell:alienware_m15_r3_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "CBC6538F-95F5-411B-9AEE-E330D33F765E",
              "versionEndExcluding": "1.27.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:dell:alienware_m15_r3:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "FCCE762E-FB6C-4493-A21F-347DE5CB57E0",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:dell:alienware_aurora_ryzen_edition_r14_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "2C2FE0D4-FEFE-4E9D-BFCA-5EAC643E47A1",
              "versionEndExcluding": "2.18.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:dell:alienware_aurora_ryzen_edition_r14:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "66B64687-CF02-414E-B961-84A011DC49E6",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:dell:alienware_aurora_r15_amd_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "34DF7BEA-2EF9-47A8-965D-C045C793F834",
              "versionEndExcluding": "1.13.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:dell:alienware_aurora_r15_amd:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "503027CC-7D9B-4F00-9728-48C12B18BD7B",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:dell:alienware_aurora_r15_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "AB53C84B-F912-4BBF-B7B1-D2361E4B6E1A",
              "versionEndExcluding": "1.12.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:dell:alienware_aurora_r15:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "2943649A-0559-4184-AE43-B6FCEDF3BF98",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:dell:alienware_aurora_r13_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "DF07E3CF-0029-429F-84CA-C50CEF591176",
              "versionEndExcluding": "1.19.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:dell:alienware_aurora_r13:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "486DCCF7-79D9-45C1-8CBD-26FB78705F91",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:dell:alienware_aurora_r12_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "6D3892D1-FA31-4E08-8C4A-B233A7E6166E",
              "versionEndExcluding": "1.1.25",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:dell:alienware_aurora_r12:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "6F0C34FD-6A6D-43BF-B548-13D57532AF8C",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:dell:alienware_aurora_r11_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "09B0F2CD-223E-4C11-896E-E0D2AED3D7CA",
              "versionEndExcluding": "1.0.24",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:dell:alienware_aurora_r11:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "4C32F25E-2F1F-409D-85DF-15CCAB423DD5",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:dell:alienware_aurora_r10_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "C1C7E4EF-A5CE-479F-8FBC-A79920726D51",
              "versionEndExcluding": "2.8.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:dell:alienware_aurora_r10:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D1B5E1A2-3F3B-42AF-93ED-01ABF2763BC6",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:dell:alienware_area_51m_r2_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "6D3E1671-D766-4BEE-A382-3F9950540382",
              "versionEndExcluding": "1.26.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:dell:alienware_area_51m_r2:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D355D92F-71AB-4D6D-9D3D-85A0BF4133E5",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Dell Client Platform BIOS contains an Improper Input Validation vulnerability in an externally developed component. A high privileged attacker with local access could potentially exploit this vulnerability, leading to Information disclosure."
    },
    {
      "lang": "es",
      "value": "Dell Client Platform BIOS contiene una vulnerabilidad de validaci\u00f3n de entrada incorrecta en un componente desarrollado externamente. Un atacante con privilegios elevados y acceso local podr\u00eda explotar esta vulnerabilidad y provocar la divulgaci\u00f3n de informaci\u00f3n."
    }
  ],
  "id": "CVE-2024-32856",
  "lastModified": "2024-11-21T09:15:52.000",
  "metrics": {
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "LOCAL",
          "availabilityImpact": "LOW",
          "baseScore": 5.1,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "NONE",
          "integrityImpact": "HIGH",
          "privilegesRequired": "HIGH",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:L",
          "version": "3.1"
        },
        "exploitabilityScore": 0.8,
        "impactScore": 4.2,
        "source": "security_alert@emc.com",
        "type": "Secondary"
      },
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "LOCAL",
          "availabilityImpact": "NONE",
          "baseScore": 6.0,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "NONE",
          "privilegesRequired": "HIGH",
          "scope": "CHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:N",
          "version": "3.1"
        },
        "exploitabilityScore": 1.5,
        "impactScore": 4.0,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2024-06-13T12:15:10.647",
  "references": [
    {
      "source": "security_alert@emc.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://www.dell.com/support/kbdoc/en-us/000221745/dsa-2024-067"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://www.dell.com/support/kbdoc/en-us/000221745/dsa-2024-067"
    }
  ],
  "sourceIdentifier": "security_alert@emc.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-20"
        }
      ],
      "source": "security_alert@emc.com",
      "type": "Secondary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-noinfo"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2024-08-28 06:15

Modified

2024-12-20 14:38

Severity ?

8.2 (High) - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
8.2 (High) - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H

Summary

Dell Client Platform BIOS contains a Use of Default Cryptographic Key Vulnerability. A high privileged attacker with local access could potentially exploit this vulnerability, leading to Secure Boot bypass and arbitrary code execution.

References

▼	URL	Tags
	security_alert@emc.com	https://www.dell.com/support/kbdoc/en-us/000227594/dsa-2024-354	Vendor Advisory

Impacted products

Vendor	Product	Version
dell	xps_8960_firmware	*
dell	xps_8960	-
dell	xps_8950_firmware	*
dell	xps_8950	-
dell	inspiron_3502_firmware	*
dell	inspiron_3502	-
dell	inspiron_15_3521_firmware	*
dell	inspiron_15_3521	-
dell	inspiron_15_3510_firmware	*
dell	inspiron_15_3510	-
dell	aurora_r16_firmware	*
dell	aurora_r16	-
dell	alienware_x17_r2_firmware	*
dell	alienware_x17_r2	-
dell	alienware_x17_r1_firmware	*
dell	alienware_x17_r1	-
dell	alienware_x15_r2_firmware	*
dell	alienware_x15_r2	-
dell	alienware_x15_r1_firmware	*
dell	alienware_x15_r1	-
dell	alienware_x14_firmware	*
dell	alienware_x14	-
dell	alienware_m17_r4_firmware	*
dell	alienware_m17_r4	-
dell	alienware_m17_r3_firmware	*
dell	alienware_m17_r3	-
dell	alienware_m15_r4_firmware	*
dell	alienware_m15_r4	-
dell	alienware_m15_r3_firmware	*
dell	alienware_m15_r3	-
dell	alienware_aurora_ryzen_edition_r14_firmware	*
dell	alienware_aurora_ryzen_edition_r14	-
dell	alienware_aurora_r15_amd_firmware	*
dell	alienware_aurora_r15_amd	-
dell	alienware_aurora_r15_firmware	*
dell	alienware_aurora_r15	-
dell	alienware_aurora_r13_firmware	*
dell	alienware_aurora_r13	-
dell	alienware_area_51m_r2_firmware	*
dell	alienware_area_51m_r2	-

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:dell:xps_8960_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "79481B8B-33AB-4BBB-8959-A1EE16ABC3EE",
              "versionEndExcluding": "2.12.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:dell:xps_8960:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E75E14FE-EDC4-43F8-960C-F135EDFFBDCB",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:dell:xps_8950_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "58CB653C-AD62-4804-B93A-D378241D07EB",
              "versionEndExcluding": "1.21.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:dell:xps_8950:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5944D668-16F9-4098-A99E-811F02C65B2A",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:dell:inspiron_3502_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "20D81C5D-B1AB-44C8-B3EC-5035124D5BF0",
              "versionEndExcluding": "1.18.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:dell:inspiron_3502:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "52628A84-FEE1-4194-A13F-4139A3A0AE9F",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:dell:inspiron_15_3521_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "D6743728-79B1-44FC-B50A-8EC2BAB0A177",
              "versionEndExcluding": "1.16.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:dell:inspiron_15_3521:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "70AC0D33-2C41-4EA7-969B-A5B3519330AA",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:dell:inspiron_15_3510_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "EAFD9070-F917-456F-8C63-0BAD08363A22",
              "versionEndExcluding": "1.21.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:dell:inspiron_15_3510:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F9B4D72F-BF7F-4AE3-825E-394DF12F0482",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:dell:aurora_r16_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "1397546E-8CB7-4E88-988B-4C73B18FB2A3",
              "versionEndExcluding": "2.13.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:dell:aurora_r16:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D6A86161-7209-4DC6-9315-66C37C1807DA",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:dell:alienware_x17_r2_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "95EA4B9E-1636-4E67-A3FA-8EF38C2E5ACE",
              "versionEndExcluding": "1.22.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:dell:alienware_x17_r2:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "4C0272BD-DAFD-47EC-9B70-F72B686032B8",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:dell:alienware_x17_r1_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "1BC45F6C-9DC9-4E2F-9C3E-3E71E62937B2",
              "versionEndExcluding": "1.24.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:dell:alienware_x17_r1:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "8128EE9B-97C5-40A2-A7F6-8AE7E4D9D1E1",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:dell:alienware_x15_r2_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "601B48A2-B0C3-4D9F-9D83-A4818222A756",
              "versionEndExcluding": "1.22.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:dell:alienware_x15_r2:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A254E353-E519-401F-8657-76C7625F9A0C",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:dell:alienware_x15_r1_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "EB2F00DB-6932-4D0F-A6F8-36A9ABA8138A",
              "versionEndExcluding": "1.24.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:dell:alienware_x15_r1:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B5BC0BF5-9D20-43DB-BF65-F2D2E8EC6970",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:dell:alienware_x14_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "B25E8327-AE8B-49CD-9167-B2967E40F17C",
              "versionEndExcluding": "1.21.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:dell:alienware_x14:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "05928944-E647-4A4D-AEA1-B67804BC7DB5",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:dell:alienware_m17_r4_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "DB44CD60-EF6C-47A4-98CF-37D59157FD91",
              "versionEndExcluding": "1.24.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:dell:alienware_m17_r4:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "C631E678-90F0-4DB2-8AB8-7378EC32FAC0",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:dell:alienware_m17_r3_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "5FFFE6D4-B453-4D27-8A3F-9CE9A2B5B1AD",
              "versionEndExcluding": "1.29.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:dell:alienware_m17_r3:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "EF7B8EAD-E6FD-4CCE-9CE8-605A3BF3357A",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:dell:alienware_m15_r4_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "D35312EA-BE2C-45E1-B86D-676F64AAF4F0",
              "versionEndExcluding": "1.24.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:dell:alienware_m15_r4:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B084185F-1C0D-47D9-9F72-A79095462428",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:dell:alienware_m15_r3_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "D224BFF9-3D06-4291-8EBE-7DEDAC24FA94",
              "versionEndExcluding": "1.29.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:dell:alienware_m15_r3:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "FCCE762E-FB6C-4493-A21F-347DE5CB57E0",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:dell:alienware_aurora_ryzen_edition_r14_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "1CE5B200-E6D3-41D1-9280-7FF6C8026B9E",
              "versionEndExcluding": "2.19.1",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:dell:alienware_aurora_ryzen_edition_r14:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "66B64687-CF02-414E-B961-84A011DC49E6",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:dell:alienware_aurora_r15_amd_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "FAB4E70B-69EC-4275-8C46-A2B22C5B1156",
              "versionEndExcluding": "1.15.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:dell:alienware_aurora_r15_amd:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "503027CC-7D9B-4F00-9728-48C12B18BD7B",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:dell:alienware_aurora_r15_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "9F1B4BFA-3EDC-441D-8F28-FAA1B75A3E74",
              "versionEndExcluding": "1.17.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:dell:alienware_aurora_r15:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "2943649A-0559-4184-AE43-B6FCEDF3BF98",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:dell:alienware_aurora_r13_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "16B7FB3C-5A40-454F-8E45-6099758C222F",
              "versionEndExcluding": "1.21.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:dell:alienware_aurora_r13:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "486DCCF7-79D9-45C1-8CBD-26FB78705F91",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:dell:alienware_area_51m_r2_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "64B4373D-14E6-4915-B42F-4515E4801AEA",
              "versionEndExcluding": "1.29.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:dell:alienware_area_51m_r2:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D355D92F-71AB-4D6D-9D3D-85A0BF4133E5",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Dell Client Platform BIOS contains a Use of Default Cryptographic Key Vulnerability.  A high privileged attacker with local access could potentially exploit this vulnerability, leading to Secure Boot bypass and arbitrary code execution."
    },
    {
      "lang": "es",
      "value": "Dell Client Platform BIOS contiene una vulnerabilidad de uso de clave criptogr\u00e1fica predeterminada. Un atacante con privilegios elevados y acceso local podr\u00eda explotar esta vulnerabilidad, lo que provocar\u00eda una omisi\u00f3n del arranque seguro y la ejecuci\u00f3n de c\u00f3digo arbitrario."
    }
  ],
  "id": "CVE-2024-39584",
  "lastModified": "2024-12-20T14:38:16.543",
  "metrics": {
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "LOCAL",
          "availabilityImpact": "HIGH",
          "baseScore": 8.2,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "HIGH",
          "scope": "CHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 1.5,
        "impactScore": 6.0,
        "source": "security_alert@emc.com",
        "type": "Secondary"
      },
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "LOCAL",
          "availabilityImpact": "HIGH",
          "baseScore": 8.2,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "HIGH",
          "scope": "CHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 1.5,
        "impactScore": 6.0,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2024-08-28T06:15:05.607",
  "references": [
    {
      "source": "security_alert@emc.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://www.dell.com/support/kbdoc/en-us/000227594/dsa-2024-354"
    }
  ],
  "sourceIdentifier": "security_alert@emc.com",
  "vulnStatus": "Analyzed",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-1392"
        }
      ],
      "source": "security_alert@emc.com",
      "type": "Secondary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-Other"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2024-06-13 13:15

Modified

2024-11-21 09:15

Severity ?

7.5 (High) - CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H
8.2 (High) - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H

Summary

Dell Client Platform BIOS contains an Improper Input Validation vulnerability in an externally developed component. A high privileged attacker with local access could potentially exploit this vulnerability, leading to Code execution.

References

▼	URL	Tags
	security_alert@emc.com	https://www.dell.com/support/kbdoc/en-us/000223440/dsa-2024-125	Vendor Advisory
	af854a3a-2127-422b-91ae-364da2661108	https://www.dell.com/support/kbdoc/en-us/000223440/dsa-2024-125	Vendor Advisory

Impacted products

Vendor	Product	Version
dell	alienware_area_51m_r2_firmware	*
dell	alienware_area_51m_r2	-
dell	alienware_aurora_r11_firmware	*
dell	alienware_aurora_r11	-
dell	alienware_aurora_r12_firmware	*
dell	alienware_aurora_r12	-
dell	alienware_aurora_r13_firmware	*
dell	alienware_aurora_r13	-
dell	alienware_aurora_r15_firmware	*
dell	alienware_aurora_r15	-
dell	alienware_aurora_r15_amd_firmware	*
dell	alienware_aurora_r15_amd	-
dell	alienware_aurora_ryzen_edition_r14_firmware	*
dell	alienware_aurora_ryzen_edition_r14	-
dell	alienware_m15_r3_firmware	*
dell	alienware_m15_r3	-
dell	alienware_m15_r4_firmware	*
dell	alienware_m15_r4	-
dell	alienware_m17_r3_firmware	*
dell	alienware_m17_r3	-
dell	alienware_m17_r4_firmware	*
dell	alienware_m17_r4	-
dell	alienware_x14_firmware	*
dell	alienware_x14	-
dell	alienware_x15_r1_firmware	*
dell	alienware_x15_r1	-
dell	alienware_x15_r2_firmware	*
dell	alienware_x15_r2	-
dell	alienware_x17_r1_firmware	*
dell	alienware_x17_r1	-
dell	alienware_x17_r2_firmware	*
dell	alienware_x17_r2	-
dell	aurora_r16_firmware	*
dell	aurora_r16	-
dell	inspiron_15_3510_firmware	*
dell	inspiron_15_3510	-
dell	inspiron_15_352_firmware	*
dell	inspiron_15_352	-
dell	inspiron_3502_firmware	*
dell	inspiron_3502	-
dell	xps_8950_firmware	*
dell	xps_8950	-
dell	xps_8960_firmware	*
dell	xps_8960	-

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:dell:alienware_area_51m_r2_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "6D3E1671-D766-4BEE-A382-3F9950540382",
              "versionEndExcluding": "1.26.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:dell:alienware_area_51m_r2:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D355D92F-71AB-4D6D-9D3D-85A0BF4133E5",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:dell:alienware_aurora_r11_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "09B0F2CD-223E-4C11-896E-E0D2AED3D7CA",
              "versionEndExcluding": "1.0.24",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:dell:alienware_aurora_r11:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "4C32F25E-2F1F-409D-85DF-15CCAB423DD5",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:dell:alienware_aurora_r12_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "6D3892D1-FA31-4E08-8C4A-B233A7E6166E",
              "versionEndExcluding": "1.1.25",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:dell:alienware_aurora_r12:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "6F0C34FD-6A6D-43BF-B548-13D57532AF8C",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:dell:alienware_aurora_r13_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "2BA98A09-CEC8-4765-9F67-1B8E31A403BA",
              "versionEndIncluding": "1.1.19",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:dell:alienware_aurora_r13:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "486DCCF7-79D9-45C1-8CBD-26FB78705F91",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:dell:alienware_aurora_r15_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "502B41A3-DA11-4F02-ADBA-12BAEB90E9D9",
              "versionEndExcluding": "1.1.12",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:dell:alienware_aurora_r15:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "2943649A-0559-4184-AE43-B6FCEDF3BF98",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:dell:alienware_aurora_r15_amd_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "34DF7BEA-2EF9-47A8-965D-C045C793F834",
              "versionEndExcluding": "1.13.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:dell:alienware_aurora_r15_amd:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "503027CC-7D9B-4F00-9728-48C12B18BD7B",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:dell:alienware_aurora_ryzen_edition_r14_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "2C2FE0D4-FEFE-4E9D-BFCA-5EAC643E47A1",
              "versionEndExcluding": "2.18.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:dell:alienware_aurora_ryzen_edition_r14:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "66B64687-CF02-414E-B961-84A011DC49E6",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:dell:alienware_m15_r3_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "CBC6538F-95F5-411B-9AEE-E330D33F765E",
              "versionEndExcluding": "1.27.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:dell:alienware_m15_r3:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "FCCE762E-FB6C-4493-A21F-347DE5CB57E0",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:dell:alienware_m15_r4_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "7EE1A9B5-8534-4DAE-957E-FF670060C35A",
              "versionEndIncluding": "1.21.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:dell:alienware_m15_r4:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B084185F-1C0D-47D9-9F72-A79095462428",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:dell:alienware_m17_r3_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "626441E2-E195-4E18-B5CF-093CE2706827",
              "versionEndExcluding": "1.27.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:dell:alienware_m17_r3:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "EF7B8EAD-E6FD-4CCE-9CE8-605A3BF3357A",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:dell:alienware_m17_r4_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "3E92F1AF-4259-40FA-BD64-2B5E36DB815B",
              "versionEndIncluding": "1.21.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:dell:alienware_m17_r4:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "C631E678-90F0-4DB2-8AB8-7378EC32FAC0",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:dell:alienware_x14_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "84A10F10-F9C8-4FF0-8F28-BCBDABE8C8EA",
              "versionEndIncluding": "1.18.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:dell:alienware_x14:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "05928944-E647-4A4D-AEA1-B67804BC7DB5",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:dell:alienware_x15_r1_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "69E828F7-2199-470B-B3F3-251704F4BAA4",
              "versionEndIncluding": "1.22.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:dell:alienware_x15_r1:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B5BC0BF5-9D20-43DB-BF65-F2D2E8EC6970",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:dell:alienware_x15_r2_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "D9A38198-F80D-4D7C-B660-8B5B44C95751",
              "versionEndExcluding": "1.20.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:dell:alienware_x15_r2:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A254E353-E519-401F-8657-76C7625F9A0C",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:dell:alienware_x17_r1_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "AF468943-A697-46B0-A8DF-3D9F329E87D6",
              "versionEndIncluding": "1.22.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:dell:alienware_x17_r1:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "8128EE9B-97C5-40A2-A7F6-8AE7E4D9D1E1",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:dell:alienware_x17_r2_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "07378EE2-F446-4E05-A6C3-42532865C664",
              "versionEndExcluding": "1.20.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:dell:alienware_x17_r2:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "4C0272BD-DAFD-47EC-9B70-F72B686032B8",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:dell:aurora_r16_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "F084A15D-0C77-4AC7-A2E8-CCE5B638C968",
              "versionEndExcluding": "2.7.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:dell:aurora_r16:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D6A86161-7209-4DC6-9315-66C37C1807DA",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:dell:inspiron_15_3510_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "2CB354C9-725F-41D3-A514-C61D1E2C6DD9",
              "versionEndExcluding": "1.19.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:dell:inspiron_15_3510:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F9B4D72F-BF7F-4AE3-825E-394DF12F0482",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:dell:inspiron_15_352_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "AF372BE7-5B95-4DF7-A85A-22B92D3931BF",
              "versionEndExcluding": "1.14.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:dell:inspiron_15_352:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "807B8FFB-4AB1-43B3-B2E6-BA53D1244437",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:dell:inspiron_3502_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "36119F09-7608-4DD7-A5BC-297D015F9FE8",
              "versionEndExcluding": "1.16.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:dell:inspiron_3502:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "52628A84-FEE1-4194-A13F-4139A3A0AE9F",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:dell:xps_8950_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "54398C42-AD80-4365-8F44-F3B6F44D33F5",
              "versionEndExcluding": "1.19.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:dell:xps_8950:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5944D668-16F9-4098-A99E-811F02C65B2A",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:dell:xps_8960_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "4C42BB7D-2380-4FA9-8C5C-FE0F594B3A7F",
              "versionEndExcluding": "2.6.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:dell:xps_8960:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E75E14FE-EDC4-43F8-960C-F135EDFFBDCB",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Dell Client Platform BIOS contains an Improper Input Validation vulnerability in an externally developed component. A high privileged attacker with local access could potentially exploit this vulnerability, leading to Code execution."
    },
    {
      "lang": "es",
      "value": "Dell Client Platform BIOS contiene una vulnerabilidad de validaci\u00f3n de entrada incorrecta en un componente desarrollado externamente. Un atacante con privilegios elevados y acceso local podr\u00eda explotar esta vulnerabilidad y provocar la ejecuci\u00f3n del c\u00f3digo."
    }
  ],
  "id": "CVE-2024-32860",
  "lastModified": "2024-11-21T09:15:52.723",
  "metrics": {
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "HIGH",
          "attackVector": "LOCAL",
          "availabilityImpact": "HIGH",
          "baseScore": 7.5,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "HIGH",
          "scope": "CHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 0.8,
        "impactScore": 6.0,
        "source": "security_alert@emc.com",
        "type": "Secondary"
      },
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "LOCAL",
          "availabilityImpact": "HIGH",
          "baseScore": 8.2,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "HIGH",
          "scope": "CHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 1.5,
        "impactScore": 6.0,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2024-06-13T13:15:49.517",
  "references": [
    {
      "source": "security_alert@emc.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://www.dell.com/support/kbdoc/en-us/000223440/dsa-2024-125"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://www.dell.com/support/kbdoc/en-us/000223440/dsa-2024-125"
    }
  ],
  "sourceIdentifier": "security_alert@emc.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-20"
        }
      ],
      "source": "security_alert@emc.com",
      "type": "Secondary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-noinfo"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

cve-2024-39584

Vulnerability from cvelistv5

Published

2024-08-28 05:46

Modified

2024-08-28 14:15

Severity ?

8.2 (High) - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H

Summary

Dell Client Platform BIOS contains a Use of Default Cryptographic Key Vulnerability. A high privileged attacker with local access could potentially exploit this vulnerability, leading to Secure Boot bypass and arbitrary code execution.

References

▼	URL	Tags
	https://www.dell.com/support/kbdoc/en-us/000227594/dsa-2024-354	vendor-advisory

Impacted products

Vendor

Product

Version

▼

Dell

Dell Client Platform BIOS

Version: N/A   ≤
Version: N/A   ≤
Version: N/A   ≤
Version: N/A   ≤

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "affected": [
          {
            "cpes": [
              "cpe:2.3:o:dell:alienware_area_51m_r2_firmware:-:*:*:*:*:*:*:*",
              "cpe:2.3:o:dell:alienware_m15_r3_firmware:-:*:*:*:*:*:*:*",
              "cpe:2.3:o:dell:alienware_m17_r3_firmware:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unaffected",
            "product": "alienware_m17_r3_firmware",
            "vendor": "dell",
            "versions": [
              {
                "lessThan": "1.29.0",
                "status": "affected",
                "version": "0",
                "versionType": "semver"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:dell:alienware_aurora_r15_amd_firmware:*:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unaffected",
            "product": "alienware_aurora_r15_amd_firmware",
            "vendor": "dell",
            "versions": [
              {
                "lessThan": "1.15.0",
                "status": "affected",
                "version": "0",
                "versionType": "semver"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:dell:alienware_x14_firmware:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unaffected",
            "product": "alienware_x14_firmware",
            "vendor": "dell",
            "versions": [
              {
                "lessThan": "1.21.0",
                "status": "affected",
                "version": "0",
                "versionType": "semver"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:dell:alienware_x17_r1_firmware:*:*:*:*:*:*:*:*",
              "cpe:2.3:o:dell:alienware_x15_r1_firmware:*:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unaffected",
            "product": "alienware_x15_r1_firmware",
            "vendor": "dell",
            "versions": [
              {
                "lessThan": "1.24.0",
                "status": "affected",
                "version": "0",
                "versionType": "semver"
              }
            ]
          }
        ],
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-39584",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-08-28T14:02:49.780082Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-08-28T14:15:01.978Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Dell Client Platform BIOS",
          "vendor": "Dell",
          "versions": [
            {
              "lessThan": "1.29.0",
              "status": "affected",
              "version": "N/A",
              "versionType": "semver"
            },
            {
              "lessThan": "1.15.0",
              "status": "affected",
              "version": "N/A",
              "versionType": "semver"
            },
            {
              "lessThan": "1.21.0",
              "status": "affected",
              "version": "N/A",
              "versionType": "semver"
            },
            {
              "lessThan": "1.24.0",
              "status": "affected",
              "version": "N/A",
              "versionType": "semver"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "finder",
          "value": "CVE-2024-39584: Dell Technologies would like to thank BINARLY REsearch team for reporting this issue."
        }
      ],
      "datePublic": "2024-08-27T06:30:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "Dell Client Platform BIOS contains a Use of Default Cryptographic Key Vulnerability.  A high privileged attacker with local access could potentially exploit this vulnerability, leading to Secure Boot bypass and arbitrary code execution."
            }
          ],
          "value": "Dell Client Platform BIOS contains a Use of Default Cryptographic Key Vulnerability.  A high privileged attacker with local access could potentially exploit this vulnerability, leading to Secure Boot bypass and arbitrary code execution."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 8.2,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "HIGH",
            "scope": "CHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-1392",
              "description": "CWE-1392: Use of Default Credentials",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-08-28T05:46:40.013Z",
        "orgId": "c550e75a-17ff-4988-97f0-544cde3820fe",
        "shortName": "dell"
      },
      "references": [
        {
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://www.dell.com/support/kbdoc/en-us/000227594/dsa-2024-354"
        }
      ],
      "source": {
        "discovery": "UNKNOWN"
      },
      "x_generator": {
        "engine": "Vulnogram 0.2.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "c550e75a-17ff-4988-97f0-544cde3820fe",
    "assignerShortName": "dell",
    "cveId": "CVE-2024-39584",
    "datePublished": "2024-08-28T05:46:40.013Z",
    "dateReserved": "2024-06-26T02:16:08.993Z",
    "dateUpdated": "2024-08-28T14:15:01.978Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2024-32860

Vulnerability from cvelistv5

Published

2024-06-13 13:00

Modified

2024-08-02 02:20

Severity ?

7.5 (High) - CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H

Summary

Dell Client Platform BIOS contains an Improper Input Validation vulnerability in an externally developed component. A high privileged attacker with local access could potentially exploit this vulnerability, leading to Code execution.

References

▼	URL	Tags
	https://www.dell.com/support/kbdoc/en-us/000223440/dsa-2024-125	vendor-advisory

Impacted products

Vendor

Product

Version

▼

Dell

CPG BIOS

Version: N/A   ≤
Version: N/A   ≤
Version: N/A   ≤
Version: N/A   ≤
Version: N/A   ≤
Version: N/A   ≤
Version: N/A   ≤
Version: N/A   ≤
Version: N/A   ≤

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "affected": [
          {
            "cpes": [
              "cpe:2.3:o:dell:cpg_bios:*:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unaffected",
            "product": "cpg_bios",
            "vendor": "dell",
            "versions": [
              {
                "lessThan": "1.0.24",
                "status": "affected",
                "version": "0",
                "versionType": "semver"
              },
              {
                "lessThan": "1.1.25",
                "status": "affected",
                "version": "0",
                "versionType": "semver"
              },
              {
                "lessThan": "1.19.0",
                "status": "affected",
                "version": "0",
                "versionType": "semver"
              },
              {
                "lessThan": "1.12.0",
                "status": "affected",
                "version": "0",
                "versionType": "semver"
              },
              {
                "lessThan": "1.13.0",
                "status": "affected",
                "version": "0",
                "versionType": "semver"
              },
              {
                "lessThan": "2.18.0",
                "status": "affected",
                "version": "0",
                "versionType": "semver"
              },
              {
                "lessThan": "2.7.0",
                "status": "affected",
                "version": "0",
                "versionType": "semver"
              },
              {
                "lessThan": "1.16.0",
                "status": "affected",
                "version": "0",
                "versionType": "semver"
              },
              {
                "lessThan": "2.6.0",
                "status": "affected",
                "version": "0",
                "versionType": "semver"
              }
            ]
          }
        ],
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-32860",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-06-20T13:49:01.558476Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-06-20T14:48:48.914Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T02:20:35.674Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "https://www.dell.com/support/kbdoc/en-us/000223440/dsa-2024-125"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "CPG BIOS",
          "vendor": "Dell",
          "versions": [
            {
              "lessThan": "1.0.24",
              "status": "affected",
              "version": "N/A",
              "versionType": "semver"
            },
            {
              "lessThan": "1.1.25",
              "status": "affected",
              "version": "N/A",
              "versionType": "semver"
            },
            {
              "lessThan": "1.19.0",
              "status": "affected",
              "version": "N/A",
              "versionType": "semver"
            },
            {
              "lessThan": "1.12.0",
              "status": "affected",
              "version": "N/A",
              "versionType": "semver"
            },
            {
              "lessThan": "1.13.0",
              "status": "affected",
              "version": "N/A",
              "versionType": "semver"
            },
            {
              "lessThan": "2.18.0",
              "status": "affected",
              "version": "N/A",
              "versionType": "semver"
            },
            {
              "lessThan": "2.7.0",
              "status": "affected",
              "version": "N/A",
              "versionType": "semver"
            },
            {
              "lessThan": "1.16.0",
              "status": "affected",
              "version": "N/A",
              "versionType": "semver"
            },
            {
              "lessThan": "2.6.0",
              "status": "affected",
              "version": "N/A",
              "versionType": "semver"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "finder",
          "value": "Dell Technologies would like to thank Eason for reporting this issue."
        }
      ],
      "datePublic": "2024-06-11T06:30:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "Dell Client Platform BIOS contains an Improper Input Validation vulnerability in an externally developed component. A high privileged attacker with local access could potentially exploit this vulnerability, leading to Code execution."
            }
          ],
          "value": "Dell Client Platform BIOS contains an Improper Input Validation vulnerability in an externally developed component. A high privileged attacker with local access could potentially exploit this vulnerability, leading to Code execution."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "HIGH",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "HIGH",
            "scope": "CHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-20",
              "description": "CWE-20: Improper Input Validation",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-06-13T13:00:19.384Z",
        "orgId": "c550e75a-17ff-4988-97f0-544cde3820fe",
        "shortName": "dell"
      },
      "references": [
        {
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://www.dell.com/support/kbdoc/en-us/000223440/dsa-2024-125"
        }
      ],
      "source": {
        "discovery": "UNKNOWN"
      },
      "x_generator": {
        "engine": "Vulnogram 0.2.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "c550e75a-17ff-4988-97f0-544cde3820fe",
    "assignerShortName": "dell",
    "cveId": "CVE-2024-32860",
    "datePublished": "2024-06-13T13:00:19.384Z",
    "dateReserved": "2024-04-19T09:34:13.527Z",
    "dateUpdated": "2024-08-02T02:20:35.674Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2024-32858

Vulnerability from cvelistv5

Published

2024-06-13 12:48

Modified

2024-08-02 02:20

Severity ?

7.5 (High) - CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H

Summary

Dell Client Platform BIOS contains an Improper Input Validation vulnerability in an externally developed component. A high privileged attacker with local access could potentially exploit this vulnerability, leading to Code execution.

References

▼	URL	Tags
	https://www.dell.com/support/kbdoc/en-us/000223439/dsa-2024-124	vendor-advisory

Impacted products

Vendor

Product

Version

▼

Dell

CPG BIOS

Version: N/A   ≤
Version: N/A   ≤
Version: N/A   ≤
Version: N/A   ≤
Version: N/A   ≤
Version: N/A   ≤
Version: N/A   ≤
Version: N/A   ≤
Version: N/A   ≤
Version: N/A   ≤

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "affected": [
          {
            "cpes": [
              "cpe:2.3:o:dell:alienware_aurora_r10_firmware:*:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "alienware_aurora_r10_firmware",
            "vendor": "dell",
            "versions": [
              {
                "lessThan": "2.8.0",
                "status": "affected",
                "version": "0",
                "versionType": "semver"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:dell:alienware_aurora_r11_firmware:*:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "alienware_aurora_r11_firmware",
            "vendor": "dell",
            "versions": [
              {
                "lessThan": "1.0.24",
                "status": "affected",
                "version": "0",
                "versionType": "semver"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:dell:alienware_aurora_r12_firmware:*:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "alienware_aurora_r12_firmware",
            "vendor": "dell",
            "versions": [
              {
                "lessThan": "1.1.25",
                "status": "affected",
                "version": "0",
                "versionType": "semver"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:dell:alienware_aurora_r13_firmware:*:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "alienware_aurora_r13_firmware",
            "vendor": "dell",
            "versions": [
              {
                "lessThan": "1.19.0",
                "status": "affected",
                "version": "0",
                "versionType": "semver"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:dell:alienware_aurora_r14_ryzen_edition_firmware:*:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "alienware_aurora_r14_ryzen_edition_firmware",
            "vendor": "dell",
            "versions": [
              {
                "lessThan": "2.18.0",
                "status": "affected",
                "version": "0",
                "versionType": "semver"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:dell:alienware_aurora_r15_firmware:*:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "alienware_aurora_r15_firmware",
            "vendor": "dell",
            "versions": [
              {
                "lessThan": "1.12.0",
                "status": "affected",
                "version": "0",
                "versionType": "semver"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:dell:alienware_aurora_r15_amd_firmware:*:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "alienware_aurora_r15_amd_firmware",
            "vendor": "dell",
            "versions": [
              {
                "lessThan": "1.13.0",
                "status": "affected",
                "version": "0",
                "versionType": "semver"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:dell:alienware_aurora_r16_firmware:*:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "alienware_aurora_r16_firmware",
            "vendor": "dell",
            "versions": [
              {
                "lessThan": "2.7.0",
                "status": "affected",
                "version": "0",
                "versionType": "semver"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:dell:inspiron_3502_firmware:*:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "inspiron_3502_firmware",
            "vendor": "dell",
            "versions": [
              {
                "lessThan": "1.16.0",
                "status": "affected",
                "version": "0",
                "versionType": "semver"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:dell:xps_8950_firmware:*:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "xps_8950_firmware",
            "vendor": "dell",
            "versions": [
              {
                "lessThan": "1.19.0",
                "status": "affected",
                "version": "0",
                "versionType": "semver"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:dell:xps_8960_firmware:*:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "xps_8960_firmware",
            "vendor": "dell",
            "versions": [
              {
                "lessThan": "2.6.0",
                "status": "affected",
                "version": "0",
                "versionType": "semver"
              }
            ]
          }
        ],
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-32858",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-06-13T13:37:43.257078Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-06-13T16:09:43.292Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T02:20:35.666Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "https://www.dell.com/support/kbdoc/en-us/000223439/dsa-2024-124"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "CPG BIOS",
          "vendor": "Dell",
          "versions": [
            {
              "lessThan": "2.8.0",
              "status": "affected",
              "version": "N/A",
              "versionType": "semver"
            },
            {
              "lessThan": "1.0.24",
              "status": "affected",
              "version": "N/A",
              "versionType": "semver"
            },
            {
              "lessThan": "1.1.25",
              "status": "affected",
              "version": "N/A",
              "versionType": "semver"
            },
            {
              "lessThan": "1.19.0",
              "status": "affected",
              "version": "N/A",
              "versionType": "semver"
            },
            {
              "lessThan": "1.12.0",
              "status": "affected",
              "version": "N/A",
              "versionType": "semver"
            },
            {
              "lessThan": "1.13.0",
              "status": "affected",
              "version": "N/A",
              "versionType": "semver"
            },
            {
              "lessThan": "2.18.0",
              "status": "affected",
              "version": "N/A",
              "versionType": "semver"
            },
            {
              "lessThan": "2.7.0",
              "status": "affected",
              "version": "N/A",
              "versionType": "semver"
            },
            {
              "lessThan": "1.16.0",
              "status": "affected",
              "version": "N/A",
              "versionType": "semver"
            },
            {
              "lessThan": "2.6.0",
              "status": "affected",
              "version": "N/A",
              "versionType": "semver"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "finder",
          "value": "Dell Technologies would like to thank Eason for reporting this issue"
        }
      ],
      "datePublic": "2024-06-11T06:30:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "Dell Client Platform BIOS contains an Improper Input Validation vulnerability in an externally developed component. A high privileged attacker with local access could potentially exploit this vulnerability, leading to Code execution."
            }
          ],
          "value": "Dell Client Platform BIOS contains an Improper Input Validation vulnerability in an externally developed component. A high privileged attacker with local access could potentially exploit this vulnerability, leading to Code execution."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "HIGH",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "HIGH",
            "scope": "CHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-20",
              "description": "CWE-20: Improper Input Validation",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-06-13T12:48:29.724Z",
        "orgId": "c550e75a-17ff-4988-97f0-544cde3820fe",
        "shortName": "dell"
      },
      "references": [
        {
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://www.dell.com/support/kbdoc/en-us/000223439/dsa-2024-124"
        }
      ],
      "source": {
        "discovery": "UNKNOWN"
      },
      "x_generator": {
        "engine": "Vulnogram 0.2.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "c550e75a-17ff-4988-97f0-544cde3820fe",
    "assignerShortName": "dell",
    "cveId": "CVE-2024-32858",
    "datePublished": "2024-06-13T12:48:29.724Z",
    "dateReserved": "2024-04-19T09:34:13.527Z",
    "dateUpdated": "2024-08-02T02:20:35.666Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2024-32856

Vulnerability from cvelistv5

Published

2024-06-13 11:51

Modified

2024-08-02 02:20

Severity ?

5.1 (Medium) - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:L

Summary

Dell Client Platform BIOS contains an Improper Input Validation vulnerability in an externally developed component. A high privileged attacker with local access could potentially exploit this vulnerability, leading to Information disclosure.

References

▼	URL	Tags
	https://www.dell.com/support/kbdoc/en-us/000221745/dsa-2024-067	vendor-advisory

Impacted products

Vendor

Product

Version

▼

Dell

CPG BIOS

Version: N/A   ≤
Version: N/A   ≤
Version: N/A   ≤
Version: N/A   ≤
Version: N/A   ≤
Version: N/A   ≤
Version: N/A   ≤
Version: N/A   ≤
Version: N/A   ≤

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-32856",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-07-17T13:07:26.971457Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-07-17T13:07:31.325Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T02:20:35.591Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "https://www.dell.com/support/kbdoc/en-us/000221745/dsa-2024-067"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "CPG BIOS",
          "vendor": "Dell",
          "versions": [
            {
              "lessThan": "2.8.0",
              "status": "affected",
              "version": "N/A",
              "versionType": "semver"
            },
            {
              "lessThan": "1.0.24",
              "status": "affected",
              "version": "N/A",
              "versionType": "semver"
            },
            {
              "lessThan": "1.1.25",
              "status": "affected",
              "version": "N/A",
              "versionType": "semver"
            },
            {
              "lessThan": "1.19.0",
              "status": "affected",
              "version": "N/A",
              "versionType": "semver"
            },
            {
              "lessThan": "1.12.0",
              "status": "affected",
              "version": "N/A",
              "versionType": "semver"
            },
            {
              "lessThan": "1.13.0",
              "status": "affected",
              "version": "N/A",
              "versionType": "semver"
            },
            {
              "lessThan": "2.18.0",
              "status": "affected",
              "version": "N/A",
              "versionType": "semver"
            },
            {
              "lessThan": "2.7.0",
              "status": "affected",
              "version": "N/A",
              "versionType": "semver"
            },
            {
              "lessThan": "1.16.0",
              "status": "affected",
              "version": "N/A",
              "versionType": "semver"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "finder",
          "value": "Dell Technologies would like to thank Eason for reporting this issue."
        }
      ],
      "datePublic": "2024-06-11T06:30:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "Dell Client Platform BIOS contains an Improper Input Validation vulnerability in an externally developed component. A high privileged attacker with local access could potentially exploit this vulnerability, leading to Information disclosure."
            }
          ],
          "value": "Dell Client Platform BIOS contains an Improper Input Validation vulnerability in an externally developed component. A high privileged attacker with local access could potentially exploit this vulnerability, leading to Information disclosure."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "LOW",
            "baseScore": 5.1,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "HIGH",
            "privilegesRequired": "HIGH",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:L",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-20",
              "description": "CWE-20: Improper Input Validation",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-06-13T11:51:03.183Z",
        "orgId": "c550e75a-17ff-4988-97f0-544cde3820fe",
        "shortName": "dell"
      },
      "references": [
        {
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://www.dell.com/support/kbdoc/en-us/000221745/dsa-2024-067"
        }
      ],
      "source": {
        "discovery": "UNKNOWN"
      },
      "x_generator": {
        "engine": "Vulnogram 0.2.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "c550e75a-17ff-4988-97f0-544cde3820fe",
    "assignerShortName": "dell",
    "cveId": "CVE-2024-32856",
    "datePublished": "2024-06-13T11:51:03.183Z",
    "dateReserved": "2024-04-19T09:34:13.526Z",
    "dateUpdated": "2024-08-02T02:20:35.591Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2024-32859

Vulnerability from cvelistv5

Published

2024-06-13 12:39

Modified

2024-08-02 02:20

Severity ?

7.5 (High) - CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H

Summary

Dell Client Platform BIOS contains an Improper Input Validation vulnerability in an externally developed component. A high privileged attacker with local access could potentially exploit this vulnerability, leading to Code execution.

References

▼	URL	Tags
	https://www.dell.com/support/kbdoc/en-us/000223439/dsa-2024-124	vendor-advisory

Impacted products

Vendor

Product

Version

▼

Dell

CPG BIOS

Version: N/A   ≤
Version: N/A   ≤
Version: N/A   ≤
Version: N/A   ≤
Version: N/A   ≤
Version: N/A   ≤
Version: N/A   ≤
Version: N/A   ≤
Version: N/A   ≤
Version: N/A   ≤

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "affected": [
          {
            "cpes": [
              "cpe:2.3:o:dell:alienware_aurora_r15_amd_firmware:*:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "alienware_aurora_r15_amd_firmware",
            "vendor": "dell",
            "versions": [
              {
                "lessThan": "1.13.0",
                "status": "affected",
                "version": "0",
                "versionType": "semver"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:dell:alienware_aurora_r16_firmware:*:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "alienware_aurora_r16_firmware",
            "vendor": "dell",
            "versions": [
              {
                "lessThan": "2.7.0",
                "status": "affected",
                "version": "0",
                "versionType": "semver"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:dell:alienware_aurora_r10_firmware:*:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "alienware_aurora_r10_firmware",
            "vendor": "dell",
            "versions": [
              {
                "lessThan": "2.8.0",
                "status": "affected",
                "version": "0",
                "versionType": "semver"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:dell:alienware_aurora_r11_firmware:*:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "alienware_aurora_r11_firmware",
            "vendor": "dell",
            "versions": [
              {
                "lessThan": "1.0.24",
                "status": "affected",
                "version": "0",
                "versionType": "semver"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:dell:alienware_aurora_r12_firmware:*:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "alienware_aurora_r12_firmware",
            "vendor": "dell",
            "versions": [
              {
                "lessThan": "1.1.25",
                "status": "affected",
                "version": "0",
                "versionType": "semver"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:dell:alienware_aurora_r13_firmware:*:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "alienware_aurora_r13_firmware",
            "vendor": "dell",
            "versions": [
              {
                "lessThan": "1.19.0",
                "status": "affected",
                "version": "0",
                "versionType": "semver"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:dell:alienware_aurora_r14_ryzen_edition_firmware:*:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "alienware_aurora_r14_ryzen_edition_firmware",
            "vendor": "dell",
            "versions": [
              {
                "lessThan": "2.18.0",
                "status": "affected",
                "version": "0",
                "versionType": "semver"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:dell:alienware_aurora_r15_firmware:*:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "alienware_aurora_r15_firmware",
            "vendor": "dell",
            "versions": [
              {
                "lessThan": "1.12.0",
                "status": "affected",
                "version": "0",
                "versionType": "semver"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:dell:inspiron_3502_firmware:*:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "inspiron_3502_firmware",
            "vendor": "dell",
            "versions": [
              {
                "lessThan": "1.16.0",
                "status": "affected",
                "version": "0",
                "versionType": "semver"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:dell:xps_8950_firmware:*:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "xps_8950_firmware",
            "vendor": "dell",
            "versions": [
              {
                "lessThan": "1.19.0",
                "status": "affected",
                "version": "0",
                "versionType": "semver"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:dell:xps_8960_firmware:*:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "xps_8960_firmware",
            "vendor": "dell",
            "versions": [
              {
                "lessThan": "2.6.0",
                "status": "affected",
                "version": "0",
                "versionType": "semver"
              }
            ]
          }
        ],
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-32859",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-06-13T13:39:08.008139Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-06-13T16:01:53.774Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T02:20:35.656Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "https://www.dell.com/support/kbdoc/en-us/000223439/dsa-2024-124"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "CPG BIOS",
          "vendor": "Dell",
          "versions": [
            {
              "lessThan": "2.8.0",
              "status": "affected",
              "version": "N/A",
              "versionType": "semver"
            },
            {
              "lessThan": "1.0.24",
              "status": "affected",
              "version": "N/A",
              "versionType": "semver"
            },
            {
              "lessThan": "1.1.25",
              "status": "affected",
              "version": "N/A",
              "versionType": "semver"
            },
            {
              "lessThan": "1.19.0",
              "status": "affected",
              "version": "N/A",
              "versionType": "semver"
            },
            {
              "lessThan": "1.12.0",
              "status": "affected",
              "version": "N/A",
              "versionType": "semver"
            },
            {
              "lessThan": "1.13.0",
              "status": "affected",
              "version": "N/A",
              "versionType": "semver"
            },
            {
              "lessThan": "2.18.0",
              "status": "affected",
              "version": "N/A",
              "versionType": "semver"
            },
            {
              "lessThan": "2.7.0",
              "status": "affected",
              "version": "N/A",
              "versionType": "semver"
            },
            {
              "lessThan": "1.16.0",
              "status": "affected",
              "version": "N/A",
              "versionType": "semver"
            },
            {
              "lessThan": "2.6.0",
              "status": "affected",
              "version": "N/A",
              "versionType": "semver"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "finder",
          "value": "Dell Technologies would like to thank Eason for reporting this issue"
        }
      ],
      "datePublic": "2024-06-11T06:30:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "Dell Client Platform BIOS contains an Improper Input Validation vulnerability in an externally developed component. A high privileged attacker with local access could potentially exploit this vulnerability, leading to Code execution."
            }
          ],
          "value": "Dell Client Platform BIOS contains an Improper Input Validation vulnerability in an externally developed component. A high privileged attacker with local access could potentially exploit this vulnerability, leading to Code execution."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "HIGH",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "HIGH",
            "scope": "CHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-20",
              "description": "CWE-20: Improper Input Validation",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-06-13T12:39:41.863Z",
        "orgId": "c550e75a-17ff-4988-97f0-544cde3820fe",
        "shortName": "dell"
      },
      "references": [
        {
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://www.dell.com/support/kbdoc/en-us/000223439/dsa-2024-124"
        }
      ],
      "source": {
        "discovery": "UNKNOWN"
      },
      "x_generator": {
        "engine": "Vulnogram 0.2.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "c550e75a-17ff-4988-97f0-544cde3820fe",
    "assignerShortName": "dell",
    "cveId": "CVE-2024-32859",
    "datePublished": "2024-06-13T12:39:41.863Z",
    "dateReserved": "2024-04-19T09:34:13.527Z",
    "dateUpdated": "2024-08-02T02:20:35.656Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

All the vulnerabilites related to dell - aurora_r16_firmware

Vulnerability from fkie_nvd

Vulnerability from fkie_nvd

Vulnerability from fkie_nvd

Vulnerability from fkie_nvd

Vulnerability from fkie_nvd

cve-2024-39584

Vulnerability from cvelistv5

cve-2024-32860

Vulnerability from cvelistv5

cve-2024-32858

Vulnerability from cvelistv5

cve-2024-32856

Vulnerability from cvelistv5

cve-2024-32859

Vulnerability from cvelistv5