Weak Authentication Vulnerability in Dell Client Platform BIOS
CVE-2024-52541

8.2HIGH

Key Information:

Vendor: Dell
Status: Dell Client Platform BiOS
Vendor: CVE Published:; 19 February 2025

Summary

A weak authentication issue has been identified in the Dell Client Platform BIOS, allowing a high-privileged attacker with local access to potentially exploit the vulnerability. This exploitation could lead to an elevation of privileges, granting the attacker unauthorized control over the system. To mitigate this risk, it is essential for users to ensure they are running the latest BIOS versions and to implement robust security practices.

Affected Version(s)

Dell Client Platform BIOS < 1.34.0

Dell Client Platform BIOS < 1.28.0

Dell Client Platform BIOS < 1.21.0

References

https://www.dell.com/support/kbdoc/en-us/000258429/dsa-20...

vendor-advisory

CVSS V3.1

Score:

8.2

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

High

User Interaction:

None

Scope:

Changed

Timeline

Vulnerability published
Feb 19, 2025
Vulnerability Reserved
Nov 12, 2024