Authentication Bypass Vulnerability in Dell Client Platform BIOS
CVE-2026-35159

5.3MEDIUM

What is CVE-2026-35159?

A vulnerability exists in Dell Client Platform BIOS that allows an unauthenticated attacker with physical access to the device to bypass authentication mechanisms. This flaw could enable unauthorized access, potentially leading to information disclosure. Users should ensure their systems are updated to mitigate risks associated with this vulnerability.

Affected Version(s)

14 Plus 2-in-1 DB04250 0 < 1.13.0 or later

14 Plus DB14250 0 < 1.13.0 or later

15 DC15250 0 < 1.10.0 or later

References

CVSS V3.1

Score:
5.3
Severity:
MEDIUM
Confidentiality:
Low
Integrity:
High
Availability:
Low
Attack Vector:
Physical
Attack Complexity:
High
Privileges Required:
None
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

Credit

Dell would like to thank alexVinarskis for reporting this issue.
.