CVE-2024-22429

EPSS 0.06%
Published 17.05.2024 16:15:07
Last modified 30.01.2025 15:48:29
Source security_alert@emc.com
Teams watchlist Login
Open Login

Dell BIOS contains an Improper Input Validation vulnerability. A local authenticated malicious user with admin privileges could potentially exploit this vulnerability, leading to arbitrary code execution.

Affected products Warnungen 0 Metrics 3 CWE 1 References 4

Data is provided by the National Vulnerability Database (NVD)

Dell ≫ Edge Gateway 5000 Firmware Version < 1.28.0

Dell ≫ Edge Gateway 5000 Version-

Dell ≫ Precision 5820 Tower Firmware Version < 2.36.0

Dell ≫ Precision 5820 Tower Version-

Dell ≫ Edge Gateway 3000 Firmware Version < 1.18.0

Dell ≫ Edge Gateway 3000 Version-

Dell ≫ Embedded Box Pc 3000 Firmware Version < 1.24.0

Dell ≫ Embedded Box Pc 3000 Version-

Dell ≫ Embedded Box Pc 5000 Firmware Version < 1.25.0

Dell ≫ Embedded Box Pc 5000 Version-

Dell ≫ Latitude 12 Rugged Extreme 7214 Firmware Version < 1.46.0

Dell ≫ Latitude 12 Rugged Extreme 7214 Version-

Dell ≫ Latitude 13 3380 Firmware Version < 1.27.0

Dell ≫ Latitude 13 3380 Version-

Dell ≫ Latitude 3180 Firmware Version < 1.29.0

Dell ≫ Latitude 3180 Version-

Dell ≫ Latitude 3189 Firmware Version < 1.29.0

Dell ≫ Latitude 3189 Version-

Dell ≫ Latitude 3190 Firmware Version < 1.34.0

Dell ≫ Latitude 3190 Version-

Dell ≫ Latitude 3190 2-in-1 Firmware Version < 1.34.0

Dell ≫ Latitude 3190 2-in-1 Version-

Dell ≫ Latitude 3300 Firmware Version < 1.28.0

Dell ≫ Latitude 3300 Version-

Dell ≫ Latitude 3390 2-in-1 Firmware Version < 1.31.0

Dell ≫ Latitude 3390 2-in-1 Version-

Dell ≫ Latitude 5280 Firmware Version < 1.36.0

Dell ≫ Latitude 5280 Version-

Dell ≫ Latitude 5288 Firmware Version < 1.36.0

Dell ≫ Latitude 5288 Version-

Dell ≫ Latitude 5290 Firmware Version < 1.35.0

Dell ≫ Latitude 5290 Version-

Dell ≫ Latitude 5290 2-in-1 Firmware Version < 1.34.0

Dell ≫ Latitude 5290 2-in-1 Version-

Dell ≫ Latitude 5400 Firmware Version < 1.30.0

Dell ≫ Latitude 5400 Version-

Dell ≫ Latitude 5414 Rugged Firmware Version < 1.46.0

Dell ≫ Latitude 5414 Rugged Version-

Dell ≫ Latitude 5420 Rugged Firmware Version < 1.32.0

Dell ≫ Latitude 5420 Rugged Version-

Dell ≫ Latitude 5424 Rugged Firmware Version < 1.32.0

Dell ≫ Latitude 5424 Rugged Version-

Dell ≫ Latitude 5480 Firmware Version < 1.36.0

Dell ≫ Latitude 5480 Version-

Dell ≫ Latitude 5488 Firmware Version < 1.36.0

Dell ≫ Latitude 5488 Version-

Dell ≫ Latitude 5490 Firmware Version < 1.35.0

Dell ≫ Latitude 5490 Version-

Dell ≫ Latitude 5580 Firmware Version < 1.36.0

Dell ≫ Latitude 5580 Version-

Dell ≫ Latitude 5590 Firmware Version < 1.35.0

Dell ≫ Latitude 5590 Version-

Dell ≫ Latitude 7212 Rugged Extreme Tablet Firmware Version < 1.50.0

Dell ≫ Latitude 7212 Rugged Extreme Tablet Version-

Dell ≫ Latitude 7280 Firmware Version < 1.37.0

Dell ≫ Latitude 7280 Version-

Dell ≫ Latitude 7285 2-in-1 Firmware Version < 1.26.0

Dell ≫ Latitude 7285 2-in-1 Version-

Dell ≫ Latitude 7290 Firmware Version < 1.38.0

Dell ≫ Latitude 7290 Version-

Dell ≫ Latitude 7380 Firmware Version < 1.37.0

Dell ≫ Latitude 7380 Version-

Dell ≫ Latitude 7390 Firmware Version < 1.38.0

Dell ≫ Latitude 7390 Version-

Dell ≫ Latitude 7390 2-in-1 Firmware Version < 1.35.0

Dell ≫ Latitude 7390 2-in-1 Version-

Dell ≫ Latitude 7414 Rugged Firmware Version < 1.46.0

Dell ≫ Latitude 7414 Rugged Version-

Dell ≫ Latitude 7424 Rugged Extreme Firmware Version < 1.32.0

Dell ≫ Latitude 7424 Rugged Extreme Version-

Dell ≫ Latitude 7480 Firmware Version < 1.37.0

Dell ≫ Latitude 7480 Version-

Dell ≫ Latitude 7490 Firmware Version < 1.38.0

Dell ≫ Latitude 7490 Version-

Dell ≫ Optiplex 3050 Firmware Version < 1.30.0

Dell ≫ Optiplex 3050 Version-

Dell ≫ Optiplex 3050 All-in-one Firmware Version < 1.32.0

Dell ≫ Optiplex 3050 All-in-one Version-

Dell ≫ Optiplex 5050 Firmware Version < 1.30.0

Dell ≫ Optiplex 5050 Version-

Dell ≫ Optiplex 7450 All-in-one Firmware Version < 1.32.0

Dell ≫ Optiplex 7450 All-in-one Version-

Dell ≫ Precision 3420 Tower Firmware Version < 2.30.0

Dell ≫ Precision 3420 Tower Version-

Dell ≫ Precision 3520 Firmware Version < 1.36.0

Dell ≫ Precision 3520 Version-

Dell ≫ Precision 3620 Tower Firmware Version < 2.30.0

Dell ≫ Precision 3620 Tower Version-

Dell ≫ Precision 5520 Firmware Version < 1.38.0

Dell ≫ Precision 5520 Version-

Dell ≫ Precision 5530 2-in-1 Firmware Version < 1.31.8

Dell ≫ Precision 5530 2-in-1 Version-

Dell ≫ Precision 7520 Firmware Version < 1.36.0

Dell ≫ Precision 7520 Version-

Dell ≫ Precision 7720 Firmware Version < 1.36.0

Dell ≫ Precision 7720 Version-

Dell ≫ Wyse 5070 Firmware Version < 1.31.0

Dell ≫ Wyse 5070 Version-

Dell ≫ Wyse 7040 Thin Client Firmware Version < 1.25.0

Dell ≫ Wyse 7040 Thin Client Version-

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	0.06%	0.176

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string
nvd@nist.gov	6.7	0.8	5.9	CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
security_alert@emc.com	7.5	0.8	6	CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H

CWE-20 Improper Input Validation

The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

https://www.dell.com/support/kbdoc/en-us/000221102/dsa-2024-020

Vendor Advisory

https://nvd.nist.gov/vuln/detail/CVE-2024-22429

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2024-22429

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2024-22429

EUVD