fkie_cve-2024-32858
Vulnerability from fkie_nvd
Published
2024-06-13 13:15
Modified
2024-11-21 09:15
Severity ?
7.5 (High) - CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H
8.2 (High) - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
8.2 (High) - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
Summary
Dell Client Platform BIOS contains an Improper Input Validation vulnerability in an externally developed component. A high privileged attacker with local access could potentially exploit this vulnerability, leading to Code execution.
References
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:dell:xps_8960_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "4C42BB7D-2380-4FA9-8C5C-FE0F594B3A7F", versionEndExcluding: "2.6.0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:dell:xps_8960:-:*:*:*:*:*:*:*", matchCriteriaId: "E75E14FE-EDC4-43F8-960C-F135EDFFBDCB", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:dell:xps_8950_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "54398C42-AD80-4365-8F44-F3B6F44D33F5", versionEndExcluding: "1.19.0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:dell:xps_8950:-:*:*:*:*:*:*:*", matchCriteriaId: "5944D668-16F9-4098-A99E-811F02C65B2A", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:dell:inspiron_3502_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "36119F09-7608-4DD7-A5BC-297D015F9FE8", versionEndExcluding: "1.16.0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:dell:inspiron_3502:-:*:*:*:*:*:*:*", matchCriteriaId: "52628A84-FEE1-4194-A13F-4139A3A0AE9F", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:dell:inspiron_15_3521_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "2DFD29BF-F445-4A9B-9D50-827FE7587218", versionEndExcluding: "1.14.0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:dell:inspiron_15_3521:-:*:*:*:*:*:*:*", matchCriteriaId: "70AC0D33-2C41-4EA7-969B-A5B3519330AA", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:dell:inspiron_15_3510_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "2CB354C9-725F-41D3-A514-C61D1E2C6DD9", versionEndExcluding: "1.19.0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:dell:inspiron_15_3510:-:*:*:*:*:*:*:*", matchCriteriaId: "F9B4D72F-BF7F-4AE3-825E-394DF12F0482", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:dell:aurora_r16_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "F084A15D-0C77-4AC7-A2E8-CCE5B638C968", versionEndExcluding: "2.7.0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:dell:aurora_r16:-:*:*:*:*:*:*:*", matchCriteriaId: "D6A86161-7209-4DC6-9315-66C37C1807DA", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:dell:alienware_x17_r2_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "07378EE2-F446-4E05-A6C3-42532865C664", versionEndExcluding: "1.20.0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:dell:alienware_x17_r2:-:*:*:*:*:*:*:*", matchCriteriaId: "4C0272BD-DAFD-47EC-9B70-F72B686032B8", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:dell:alienware_x17_r1_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "E83B0E30-CFFB-4AFE-AF42-1475F14186E7", versionEndExcluding: "1.22.0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:dell:alienware_x17_r1:-:*:*:*:*:*:*:*", matchCriteriaId: "8128EE9B-97C5-40A2-A7F6-8AE7E4D9D1E1", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:dell:alienware_x15_r2_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "D9A38198-F80D-4D7C-B660-8B5B44C95751", versionEndExcluding: "1.20.0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:dell:alienware_x15_r2:-:*:*:*:*:*:*:*", matchCriteriaId: "A254E353-E519-401F-8657-76C7625F9A0C", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:dell:alienware_x15_r1_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "002D9A38-2618-4896-B0BA-AC18CAF41253", versionEndExcluding: "1.22.0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:dell:alienware_x15_r1:-:*:*:*:*:*:*:*", matchCriteriaId: "B5BC0BF5-9D20-43DB-BF65-F2D2E8EC6970", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:dell:alienware_x14_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "9F1AD900-16EC-4315-83A6-A2CB22E6E185", versionEndExcluding: "1.18.0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:dell:alienware_x14:-:*:*:*:*:*:*:*", matchCriteriaId: "05928944-E647-4A4D-AEA1-B67804BC7DB5", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:dell:alienware_m17_r4_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "B2380D6A-4E39-423D-9565-E8406AF99E86", versionEndExcluding: "1.21.0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:dell:alienware_m17_r4:-:*:*:*:*:*:*:*", matchCriteriaId: "C631E678-90F0-4DB2-8AB8-7378EC32FAC0", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:dell:alienware_m17_r3_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "626441E2-E195-4E18-B5CF-093CE2706827", versionEndExcluding: "1.27.0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:dell:alienware_m17_r3:-:*:*:*:*:*:*:*", matchCriteriaId: "EF7B8EAD-E6FD-4CCE-9CE8-605A3BF3357A", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:dell:alienware_m15_r4_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "32A341BF-9651-47F1-8CE4-8AF991AD8CEF", versionEndExcluding: "1.21.0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:dell:alienware_m15_r4:-:*:*:*:*:*:*:*", matchCriteriaId: "B084185F-1C0D-47D9-9F72-A79095462428", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:dell:alienware_m15_r3_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "CBC6538F-95F5-411B-9AEE-E330D33F765E", versionEndExcluding: "1.27.0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:dell:alienware_m15_r3:-:*:*:*:*:*:*:*", matchCriteriaId: "FCCE762E-FB6C-4493-A21F-347DE5CB57E0", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:dell:alienware_aurora_ryzen_edition_r14_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "2C2FE0D4-FEFE-4E9D-BFCA-5EAC643E47A1", versionEndExcluding: "2.18.0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:dell:alienware_aurora_ryzen_edition_r14:-:*:*:*:*:*:*:*", matchCriteriaId: "66B64687-CF02-414E-B961-84A011DC49E6", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:dell:alienware_aurora_r15_amd_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "34DF7BEA-2EF9-47A8-965D-C045C793F834", versionEndExcluding: "1.13.0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:dell:alienware_aurora_r15_amd:-:*:*:*:*:*:*:*", matchCriteriaId: "503027CC-7D9B-4F00-9728-48C12B18BD7B", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:dell:alienware_aurora_r15_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "AB53C84B-F912-4BBF-B7B1-D2361E4B6E1A", versionEndExcluding: "1.12.0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:dell:alienware_aurora_r15:-:*:*:*:*:*:*:*", matchCriteriaId: "2943649A-0559-4184-AE43-B6FCEDF3BF98", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:dell:alienware_aurora_r13_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "DF07E3CF-0029-429F-84CA-C50CEF591176", versionEndExcluding: "1.19.0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:dell:alienware_aurora_r13:-:*:*:*:*:*:*:*", matchCriteriaId: "486DCCF7-79D9-45C1-8CBD-26FB78705F91", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:dell:alienware_aurora_r12_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "6D3892D1-FA31-4E08-8C4A-B233A7E6166E", versionEndExcluding: "1.1.25", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:dell:alienware_aurora_r12:-:*:*:*:*:*:*:*", matchCriteriaId: "6F0C34FD-6A6D-43BF-B548-13D57532AF8C", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:dell:alienware_aurora_r11_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "09B0F2CD-223E-4C11-896E-E0D2AED3D7CA", versionEndExcluding: "1.0.24", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:dell:alienware_aurora_r11:-:*:*:*:*:*:*:*", matchCriteriaId: "4C32F25E-2F1F-409D-85DF-15CCAB423DD5", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:dell:alienware_aurora_r10_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "C1C7E4EF-A5CE-479F-8FBC-A79920726D51", versionEndExcluding: "2.8.0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:dell:alienware_aurora_r10:-:*:*:*:*:*:*:*", matchCriteriaId: "D1B5E1A2-3F3B-42AF-93ED-01ABF2763BC6", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:dell:alienware_area_51m_r2_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "6D3E1671-D766-4BEE-A382-3F9950540382", versionEndExcluding: "1.26.0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:dell:alienware_area_51m_r2:-:*:*:*:*:*:*:*", matchCriteriaId: "D355D92F-71AB-4D6D-9D3D-85A0BF4133E5", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "Dell Client Platform BIOS contains an Improper Input Validation vulnerability in an externally developed component. A high privileged attacker with local access could potentially exploit this vulnerability, leading to Code execution.", }, { lang: "es", value: "Dell Client Platform BIOS contiene una vulnerabilidad de validación de entrada incorrecta en un componente desarrollado externamente. Un atacante con privilegios elevados y acceso local podría explotar esta vulnerabilidad y provocar la ejecución del código.", }, ], id: "CVE-2024-32858", lastModified: "2024-11-21T09:15:52.360", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "HIGH", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 0.8, impactScore: 6, source: "security_alert@emc.com", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 8.2, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 1.5, impactScore: 6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2024-06-13T13:15:48.833", references: [ { source: "security_alert@emc.com", tags: [ "Vendor Advisory", ], url: "https://www.dell.com/support/kbdoc/en-us/000223439/dsa-2024-124", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://www.dell.com/support/kbdoc/en-us/000223439/dsa-2024-124", }, ], sourceIdentifier: "security_alert@emc.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-20", }, ], source: "security_alert@emc.com", type: "Secondary", }, { description: [ { lang: "en", value: "NVD-CWE-noinfo", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Log in or create an account to share your comment.
Security Advisory comment format.
This schema specifies the format of a comment related to a security advisory.
Title of the comment
Description of the comment
Loading…
Loading…
Loading…
Sightings
Author | Source | Type | Date |
---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.