Authentication Bypass Vulnerability in Dell Client Platform BIOS
CVE-2026-35159
5.3MEDIUM
Key Information:
- Vendor
Dell
- Vendor
- CVE Published:
- 3 July 2026
What is CVE-2026-35159?
A vulnerability exists in Dell Client Platform BIOS that allows an unauthenticated attacker with physical access to the device to bypass authentication mechanisms. This flaw could enable unauthorized access, potentially leading to information disclosure. Users should ensure their systems are updated to mitigate risks associated with this vulnerability.
Affected Version(s)
14 Plus 2-in-1 DB04250 0 < 1.13.0 or later
14 Plus DB14250 0 < 1.13.0 or later
15 DC15250 0 < 1.10.0 or later
References
CVSS V3.1
Score:
5.3
Severity:
MEDIUM
Confidentiality:
Low
Integrity:
High
Availability:
Low
Attack Vector:
Physical
Attack Complexity:
High
Privileges Required:
None
User Interaction:
None
Scope:
Unchanged
Timeline
Vulnerability published
Vulnerability Reserved
Credit
Dell would like to thank alexVinarskis for reporting this issue.