Dell BIOS Vulnerability Could Lead to Arbitrary Code Execution
CVE-2024-22429
7.5HIGH
Summary
Dell BIOS contains an Improper Input Validation vulnerability. A local authenticated malicious user with admin privileges could potentially exploit this vulnerability, leading to arbitrary code execution.
Affected Version(s)
CPG BIOS < 2.36.0
CPG BIOS < 1.18.0
CPG BIOS < 1.46.0
CVSS V3.1
Score:
7.5
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Local
Attack Complexity:
High
Privileges Required:
High
User Interaction:
None
Scope:
Changed
Timeline
Risk change from: null to: 7.5 - (HIGH)
Vulnerability published.
Collectors
NVD DatabaseMitre Database
Credit
Dell would like to thank schur of BUPT, Dubhe Lab for reporting this issue.