Security Version Number Vulnerability in Dell Client Platform BIOS
CVE-2025-29989

3.1LOW

Key Information:

Vendor: Dell
Status: Dell Client Platform BiOS
Vendor: CVE Published:; 10 April 2025

What is CVE-2025-29989?

The Dell Client Platform BIOS has a significant vulnerability that allows an attacker with high privileges and local access to manipulate the Security Version Number. This vulnerability could enable exploitation that leads to the denial of BIOS upgrades, compromising system integrity. Users are encouraged to review their BIOS versions and apply available patches to mitigate potential risks. For more information, please refer to the official Dell security advisory.

Affected Version(s)

Dell Client Platform BIOS < 2.42.0

Dell Client Platform BIOS < 2.46.0

Dell Client Platform BIOS < 1.18.0

References

https://www.dell.com/support/kbdoc/en-us/000250131/dsa-20...

vendor-advisory

CVSS V3.1

Score:

3.1

Severity:

LOW

Confidentiality:

None

Integrity:

Low

Availability:

None

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

High

User Interaction:

Required

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Apr 10, 2025
Vulnerability Reserved
Mar 13, 2025