Dell BIOS Vulnerability Could Lead to Code Execution

CVE-2024-38483

6.7MEDIUM

Key Information

Vendor
Dell
Status
Dell Client Platform BiOS
Vendor
CVE Published:
14 August 2024

Summary

Dell BIOS contains an Improper Input Validation vulnerability in an externally developed component. A high privileged attacker with local access could potentially exploit this vulnerability, leading to Code execution.

Affected Version(s)

Dell Client Platform BIOS < 1.35.0

Dell Client Platform BIOS < 2.32.0

Dell Client Platform BIOS < 1.26.0

References

CVSS V3.1

Score:
6.7
Severity:
MEDIUM
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Local
Attack Complexity:
Low
Privileges Required:
High
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

Collectors

NVD DatabaseMitre Database

Credit

CVE-2024-38483: Dell Technologies would like to thank codebreaker1337 for reporting this issue.
.