CVE-2024-32858

EPSS 0.04%
Published 13.06.2024 13:15:48
Last modified 21.11.2024 09:15:52
Source security_alert@emc.com
Teams watchlist Login
Open Login

Dell Client Platform BIOS contains an Improper Input Validation vulnerability in an externally developed component. A high privileged attacker with local access could potentially exploit this vulnerability, leading to Code execution.

Affected products Warnungen 0 Metrics 3 CWE 1 References 4

Data is provided by the National Vulnerability Database (NVD)

Dell ≫ Xps 8960 Firmware Version < 2.6.0

Dell ≫ Xps 8960 Version-

Dell ≫ Xps 8950 Firmware Version < 1.19.0

Dell ≫ Xps 8950 Version-

Dell ≫ Inspiron 3502 Firmware Version < 1.16.0

Dell ≫ Inspiron 3502 Version-

Dell ≫ Inspiron 15 3521 Firmware Version < 1.14.0

Dell ≫ Inspiron 15 3521 Version-

Dell ≫ Inspiron 15 3510 Firmware Version < 1.19.0

Dell ≫ Inspiron 15 3510 Version-

Dell ≫ Aurora R16 Firmware Version < 2.7.0

Dell ≫ Aurora R16 Version-

Dell ≫ Alienware X17 R2 Firmware Version < 1.20.0

Dell ≫ Alienware X17 R2 Version-

Dell ≫ Alienware X17 R1 Firmware Version < 1.22.0

Dell ≫ Alienware X17 R1 Version-

Dell ≫ Alienware X15 R2 Firmware Version < 1.20.0

Dell ≫ Alienware X15 R2 Version-

Dell ≫ Alienware X15 R1 Firmware Version < 1.22.0

Dell ≫ Alienware X15 R1 Version-

Dell ≫ Alienware X14 Firmware Version < 1.18.0

Dell ≫ Alienware X14 Version-

Dell ≫ Alienware M17 R4 Firmware Version < 1.21.0

Dell ≫ Alienware M17 R4 Version-

Dell ≫ Alienware M17 R3 Firmware Version < 1.27.0

Dell ≫ Alienware M17 R3 Version-

Dell ≫ Alienware M15 R4 Firmware Version < 1.21.0

Dell ≫ Alienware M15 R4 Version-

Dell ≫ Alienware M15 R3 Firmware Version < 1.27.0

Dell ≫ Alienware M15 R3 Version-

Dell ≫ Alienware Aurora Ryzen Edition R14 Firmware Version < 2.18.0

Dell ≫ Alienware Aurora Ryzen Edition R14 Version-

Dell ≫ Alienware Aurora R15 Amd Firmware Version < 1.13.0

Dell ≫ Alienware Aurora R15 Amd Version-

Dell ≫ Alienware Aurora R15 Firmware Version < 1.12.0

Dell ≫ Alienware Aurora R15 Version-

Dell ≫ Alienware Aurora R13 Firmware Version < 1.19.0

Dell ≫ Alienware Aurora R13 Version-

Dell ≫ Alienware Aurora R12 Firmware Version < 1.1.25

Dell ≫ Alienware Aurora R12 Version-

Dell ≫ Alienware Aurora R11 Firmware Version < 1.0.24

Dell ≫ Alienware Aurora R11 Version-

Dell ≫ Alienware Aurora R10 Firmware Version < 2.8.0

Dell ≫ Alienware Aurora R10 Version-

Dell ≫ Alienware Area 51m R2 Firmware Version < 1.26.0

Dell ≫ Alienware Area 51m R2 Version-

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	0.04%	0.101

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string
nvd@nist.gov	8.2	1.5	6	CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
security_alert@emc.com	7.5	0.8	6	CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H

CWE-20 Improper Input Validation

The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

https://www.dell.com/support/kbdoc/en-us/000223439/dsa-2024-124

Vendor Advisory

https://nvd.nist.gov/vuln/detail/CVE-2024-32858

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2024-32858

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2024-32858

EUVD