FKIE_CVE-2024-39584
Vulnerability from fkie_nvd - Published: 2024-08-28 06:15 - Updated: 2024-12-20 14:38
Severity ?
8.2 (High) - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
8.2 (High) - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
8.2 (High) - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
Summary
Dell Client Platform BIOS contains a Use of Default Cryptographic Key Vulnerability. A high privileged attacker with local access could potentially exploit this vulnerability, leading to Secure Boot bypass and arbitrary code execution.
References
| URL | Tags | ||
|---|---|---|---|
| security_alert@emc.com | https://www.dell.com/support/kbdoc/en-us/000227594/dsa-2024-354 | Vendor Advisory |
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:dell:xps_8960_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "79481B8B-33AB-4BBB-8959-A1EE16ABC3EE",
"versionEndExcluding": "2.12.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:dell:xps_8960:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E75E14FE-EDC4-43F8-960C-F135EDFFBDCB",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:dell:xps_8950_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "58CB653C-AD62-4804-B93A-D378241D07EB",
"versionEndExcluding": "1.21.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:dell:xps_8950:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5944D668-16F9-4098-A99E-811F02C65B2A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:dell:inspiron_3502_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "20D81C5D-B1AB-44C8-B3EC-5035124D5BF0",
"versionEndExcluding": "1.18.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:dell:inspiron_3502:-:*:*:*:*:*:*:*",
"matchCriteriaId": "52628A84-FEE1-4194-A13F-4139A3A0AE9F",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:dell:inspiron_15_3521_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D6743728-79B1-44FC-B50A-8EC2BAB0A177",
"versionEndExcluding": "1.16.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:dell:inspiron_15_3521:-:*:*:*:*:*:*:*",
"matchCriteriaId": "70AC0D33-2C41-4EA7-969B-A5B3519330AA",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:dell:inspiron_15_3510_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "EAFD9070-F917-456F-8C63-0BAD08363A22",
"versionEndExcluding": "1.21.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:dell:inspiron_15_3510:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F9B4D72F-BF7F-4AE3-825E-394DF12F0482",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:dell:aurora_r16_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1397546E-8CB7-4E88-988B-4C73B18FB2A3",
"versionEndExcluding": "2.13.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:dell:aurora_r16:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D6A86161-7209-4DC6-9315-66C37C1807DA",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:dell:alienware_x17_r2_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "95EA4B9E-1636-4E67-A3FA-8EF38C2E5ACE",
"versionEndExcluding": "1.22.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:dell:alienware_x17_r2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4C0272BD-DAFD-47EC-9B70-F72B686032B8",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:dell:alienware_x17_r1_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1BC45F6C-9DC9-4E2F-9C3E-3E71E62937B2",
"versionEndExcluding": "1.24.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:dell:alienware_x17_r1:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8128EE9B-97C5-40A2-A7F6-8AE7E4D9D1E1",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:dell:alienware_x15_r2_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "601B48A2-B0C3-4D9F-9D83-A4818222A756",
"versionEndExcluding": "1.22.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:dell:alienware_x15_r2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A254E353-E519-401F-8657-76C7625F9A0C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:dell:alienware_x15_r1_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "EB2F00DB-6932-4D0F-A6F8-36A9ABA8138A",
"versionEndExcluding": "1.24.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:dell:alienware_x15_r1:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B5BC0BF5-9D20-43DB-BF65-F2D2E8EC6970",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:dell:alienware_x14_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B25E8327-AE8B-49CD-9167-B2967E40F17C",
"versionEndExcluding": "1.21.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:dell:alienware_x14:-:*:*:*:*:*:*:*",
"matchCriteriaId": "05928944-E647-4A4D-AEA1-B67804BC7DB5",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:dell:alienware_m17_r4_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "DB44CD60-EF6C-47A4-98CF-37D59157FD91",
"versionEndExcluding": "1.24.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:dell:alienware_m17_r4:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C631E678-90F0-4DB2-8AB8-7378EC32FAC0",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:dell:alienware_m17_r3_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5FFFE6D4-B453-4D27-8A3F-9CE9A2B5B1AD",
"versionEndExcluding": "1.29.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:dell:alienware_m17_r3:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EF7B8EAD-E6FD-4CCE-9CE8-605A3BF3357A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:dell:alienware_m15_r4_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D35312EA-BE2C-45E1-B86D-676F64AAF4F0",
"versionEndExcluding": "1.24.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:dell:alienware_m15_r4:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B084185F-1C0D-47D9-9F72-A79095462428",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:dell:alienware_m15_r3_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D224BFF9-3D06-4291-8EBE-7DEDAC24FA94",
"versionEndExcluding": "1.29.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:dell:alienware_m15_r3:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FCCE762E-FB6C-4493-A21F-347DE5CB57E0",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:dell:alienware_aurora_ryzen_edition_r14_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1CE5B200-E6D3-41D1-9280-7FF6C8026B9E",
"versionEndExcluding": "2.19.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:dell:alienware_aurora_ryzen_edition_r14:-:*:*:*:*:*:*:*",
"matchCriteriaId": "66B64687-CF02-414E-B961-84A011DC49E6",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:dell:alienware_aurora_r15_amd_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "FAB4E70B-69EC-4275-8C46-A2B22C5B1156",
"versionEndExcluding": "1.15.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:dell:alienware_aurora_r15_amd:-:*:*:*:*:*:*:*",
"matchCriteriaId": "503027CC-7D9B-4F00-9728-48C12B18BD7B",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:dell:alienware_aurora_r15_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9F1B4BFA-3EDC-441D-8F28-FAA1B75A3E74",
"versionEndExcluding": "1.17.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:dell:alienware_aurora_r15:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2943649A-0559-4184-AE43-B6FCEDF3BF98",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:dell:alienware_aurora_r13_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "16B7FB3C-5A40-454F-8E45-6099758C222F",
"versionEndExcluding": "1.21.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:dell:alienware_aurora_r13:-:*:*:*:*:*:*:*",
"matchCriteriaId": "486DCCF7-79D9-45C1-8CBD-26FB78705F91",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:dell:alienware_area_51m_r2_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "64B4373D-14E6-4915-B42F-4515E4801AEA",
"versionEndExcluding": "1.29.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:dell:alienware_area_51m_r2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D355D92F-71AB-4D6D-9D3D-85A0BF4133E5",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Dell Client Platform BIOS contains a Use of Default Cryptographic Key Vulnerability. A high privileged attacker with local access could potentially exploit this vulnerability, leading to Secure Boot bypass and arbitrary code execution."
},
{
"lang": "es",
"value": "Dell Client Platform BIOS contiene una vulnerabilidad de uso de clave criptogr\u00e1fica predeterminada. Un atacante con privilegios elevados y acceso local podr\u00eda explotar esta vulnerabilidad, lo que provocar\u00eda una omisi\u00f3n del arranque seguro y la ejecuci\u00f3n de c\u00f3digo arbitrario."
}
],
"id": "CVE-2024-39584",
"lastModified": "2024-12-20T14:38:16.543",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 8.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.5,
"impactScore": 6.0,
"source": "security_alert@emc.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 8.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.5,
"impactScore": 6.0,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2024-08-28T06:15:05.607",
"references": [
{
"source": "security_alert@emc.com",
"tags": [
"Vendor Advisory"
],
"url": "https://www.dell.com/support/kbdoc/en-us/000227594/dsa-2024-354"
}
],
"sourceIdentifier": "security_alert@emc.com",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-1392"
}
],
"source": "security_alert@emc.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…