Dell Client Platform BIOS contains an Improper Input Validation vulnerability in an externally developed component. A high privileged attacker with local access could potentially exploit this vulnerability, leading to Information disclosure.

No CVSS v4.0

Attack Vector Local

Attack Complexity Low

Privileges Required High

Scope Unchanged

Confidentiality Impact None

Integrity Impact High

Availability Impact Low

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

The EPSS score is 0.00034.

Exploitation none

Automatable no

Technical Impact partial

Default status is the baseline for the product, each version can override it (e.g. patched versions marked unaffected).

Vendor Product Default status Versions
Dell CPG BIOS unaffected
Version Status Constraints
N/A affected < 2.8.0
N/A affected < 1.0.24
N/A affected < 1.1.25
N/A affected < 1.19.0
N/A affected < 1.12.0
N/A affected < 1.13.0
N/A affected < 2.18.0
N/A affected < 2.7.0
N/A affected < 1.16.0

Configuration 1 [-]

AND
cpe:2.3:o:dell:xps_8960_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:dell:xps_8960:-:*:*:*:*:*:*:*

Configuration 2 [-]

AND
cpe:2.3:o:dell:xps_8950_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:dell:xps_8950:-:*:*:*:*:*:*:*

Configuration 3 [-]

AND
cpe:2.3:o:dell:inspiron_3502_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:dell:inspiron_3502:-:*:*:*:*:*:*:*

Configuration 4 [-]

AND
cpe:2.3:o:dell:inspiron_15_3521_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:dell:inspiron_15_3521:-:*:*:*:*:*:*:*

Configuration 5 [-]

AND
cpe:2.3:o:dell:inspiron_15_3510_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:dell:inspiron_15_3510:-:*:*:*:*:*:*:*

Configuration 6 [-]

AND
cpe:2.3:o:dell:aurora_r16_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:dell:aurora_r16:-:*:*:*:*:*:*:*

Configuration 7 [-]

AND
cpe:2.3:o:dell:alienware_x17_r2_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:dell:alienware_x17_r2:-:*:*:*:*:*:*:*

Configuration 8 [-]

AND
cpe:2.3:o:dell:alienware_x17_r1_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:dell:alienware_x17_r1:-:*:*:*:*:*:*:*

Configuration 9 [-]

AND
cpe:2.3:o:dell:alienware_x15_r2_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:dell:alienware_x15_r2:-:*:*:*:*:*:*:*

Configuration 10 [-]

AND
cpe:2.3:o:dell:alienware_x15_r1_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:dell:alienware_x15_r1:-:*:*:*:*:*:*:*

Configuration 11 [-]

AND
cpe:2.3:o:dell:alienware_x14_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:dell:alienware_x14:-:*:*:*:*:*:*:*

Configuration 12 [-]

AND
cpe:2.3:o:dell:alienware_m17_r4_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:dell:alienware_m17_r4:-:*:*:*:*:*:*:*

Configuration 13 [-]

AND
cpe:2.3:o:dell:alienware_m17_r3_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:dell:alienware_m17_r3:-:*:*:*:*:*:*:*

Configuration 14 [-]

AND
cpe:2.3:o:dell:alienware_m15_r4_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:dell:alienware_m15_r4:-:*:*:*:*:*:*:*

Configuration 15 [-]

AND
cpe:2.3:o:dell:alienware_m15_r3_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:dell:alienware_m15_r3:-:*:*:*:*:*:*:*

Configuration 16 [-]

AND
cpe:2.3:o:dell:alienware_aurora_ryzen_edition_r14_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:dell:alienware_aurora_ryzen_edition_r14:-:*:*:*:*:*:*:*

Configuration 17 [-]

AND
cpe:2.3:o:dell:alienware_aurora_r15_amd_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:dell:alienware_aurora_r15_amd:-:*:*:*:*:*:*:*

Configuration 18 [-]

AND
cpe:2.3:o:dell:alienware_aurora_r15_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:dell:alienware_aurora_r15:-:*:*:*:*:*:*:*

Configuration 19 [-]

AND
cpe:2.3:o:dell:alienware_aurora_r13_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:dell:alienware_aurora_r13:-:*:*:*:*:*:*:*

Configuration 20 [-]

AND
cpe:2.3:o:dell:alienware_aurora_r12_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:dell:alienware_aurora_r12:-:*:*:*:*:*:*:*

Configuration 21 [-]

AND
cpe:2.3:o:dell:alienware_aurora_r11_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:dell:alienware_aurora_r11:-:*:*:*:*:*:*:*

Configuration 22 [-]

AND
cpe:2.3:o:dell:alienware_aurora_r10_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:dell:alienware_aurora_r10:-:*:*:*:*:*:*:*

Configuration 23 [-]

AND
cpe:2.3:o:dell:alienware_area_51m_r2_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:dell:alienware_area_51m_r2:-:*:*:*:*:*:*:*

No data.

No data.

Project Subscriptions

Vendors Products
Dell Subscribe
Alienware Area 51m R2 Subscribe
Alienware Area 51m R2 Firmware Subscribe
Alienware Aurora R10 Subscribe
Alienware Aurora R10 Firmware Subscribe
Alienware Aurora R11 Subscribe
Alienware Aurora R11 Firmware Subscribe
Alienware Aurora R12 Subscribe
Alienware Aurora R12 Firmware Subscribe
Alienware Aurora R13 Subscribe
Alienware Aurora R13 Firmware Subscribe
Alienware Aurora R15 Subscribe
Alienware Aurora R15 Amd Subscribe
Alienware Aurora R15 Amd Firmware Subscribe
Alienware Aurora R15 Firmware Subscribe
Alienware Aurora Ryzen Edition R14 Subscribe
Alienware Aurora Ryzen Edition R14 Firmware Subscribe
Alienware M15 R3 Subscribe
Alienware M15 R3 Firmware Subscribe
Alienware M15 R4 Subscribe
Alienware M15 R4 Firmware Subscribe
Alienware M17 R3 Subscribe
Alienware M17 R3 Firmware Subscribe
Alienware M17 R4 Subscribe
Alienware M17 R4 Firmware Subscribe
Alienware X14 Subscribe
Alienware X14 Firmware Subscribe
Alienware X15 R1 Subscribe
Alienware X15 R1 Firmware Subscribe
Alienware X15 R2 Subscribe
Alienware X15 R2 Firmware Subscribe
Alienware X17 R1 Subscribe
Alienware X17 R1 Firmware Subscribe
Alienware X17 R2 Subscribe
Alienware X17 R2 Firmware Subscribe
Aurora R16 Subscribe
Aurora R16 Firmware Subscribe
Inspiron 15 3510 Subscribe
Inspiron 15 3510 Firmware Subscribe
Inspiron 15 3521 Subscribe
Inspiron 15 3521 Firmware Subscribe
Inspiron 3502 Subscribe
Inspiron 3502 Firmware Subscribe
Xps 8950 Subscribe
Xps 8950 Firmware Subscribe
Xps 8960 Subscribe
Xps 8960 Firmware Subscribe
Advisories
Source ID Title
EUVD EUVD EUVD-2024-30642 Dell Client Platform BIOS contains an Improper Input Validation vulnerability in an externally developed component. A high privileged attacker with local access could potentially exploit this vulnerability, leading to Information disclosure.
Fixes

Solution

No solution given by the vendor.

Workaround

No workaround given by the vendor.

References
Link Providers
https://www.dell.com/support/kbdoc/en-us/000221745/dsa-2024-067 cve-icon cve-icon
History

Tue, 24 Sep 2024 17:45:00 +0000

Type Values Removed Values Added
First Time appeared Dell
Dell alienware Area 51m R2
Dell alienware Area 51m R2 Firmware
Dell alienware Aurora R10
Dell alienware Aurora R10 Firmware
Dell alienware Aurora R11
Dell alienware Aurora R11 Firmware
Dell alienware Aurora R12
Dell alienware Aurora R12 Firmware
Dell alienware Aurora R13
Dell alienware Aurora R13 Firmware
Dell alienware Aurora R15
Dell alienware Aurora R15 Amd
Dell alienware Aurora R15 Amd Firmware
Dell alienware Aurora R15 Firmware
Dell alienware Aurora Ryzen Edition R14
Dell alienware Aurora Ryzen Edition R14 Firmware
Dell alienware M15 R3
Dell alienware M15 R3 Firmware
Dell alienware M15 R4
Dell alienware M15 R4 Firmware
Dell alienware M17 R3
Dell alienware M17 R3 Firmware
Dell alienware M17 R4
Dell alienware M17 R4 Firmware
Dell alienware X14
Dell alienware X14 Firmware
Dell alienware X15 R1
Dell alienware X15 R1 Firmware
Dell alienware X15 R2
Dell alienware X15 R2 Firmware
Dell alienware X17 R1
Dell alienware X17 R1 Firmware
Dell alienware X17 R2
Dell alienware X17 R2 Firmware
Dell aurora R16
Dell aurora R16 Firmware
Dell inspiron 15 3510
Dell inspiron 15 3510 Firmware
Dell inspiron 15 3521
Dell inspiron 15 3521 Firmware
Dell inspiron 3502
Dell inspiron 3502 Firmware
Dell xps 8950
Dell xps 8950 Firmware
Dell xps 8960
Dell xps 8960 Firmware
Weaknesses NVD-CWE-noinfo
CPEs cpe:2.3:h:dell:alienware_area_51m_r2:-:*:*:*:*:*:*:*
cpe:2.3:h:dell:alienware_aurora_r10:-:*:*:*:*:*:*:*
cpe:2.3:h:dell:alienware_aurora_r11:-:*:*:*:*:*:*:*
cpe:2.3:h:dell:alienware_aurora_r12:-:*:*:*:*:*:*:*
cpe:2.3:h:dell:alienware_aurora_r13:-:*:*:*:*:*:*:*
cpe:2.3:h:dell:alienware_aurora_r15:-:*:*:*:*:*:*:*
cpe:2.3:h:dell:alienware_aurora_r15_amd:-:*:*:*:*:*:*:*
cpe:2.3:h:dell:alienware_aurora_ryzen_edition_r14:-:*:*:*:*:*:*:*
cpe:2.3:h:dell:alienware_m15_r3:-:*:*:*:*:*:*:*
cpe:2.3:h:dell:alienware_m15_r4:-:*:*:*:*:*:*:*
cpe:2.3:h:dell:alienware_m17_r3:-:*:*:*:*:*:*:*
cpe:2.3:h:dell:alienware_m17_r4:-:*:*:*:*:*:*:*
cpe:2.3:h:dell:alienware_x14:-:*:*:*:*:*:*:*
cpe:2.3:h:dell:alienware_x15_r1:-:*:*:*:*:*:*:*
cpe:2.3:h:dell:alienware_x15_r2:-:*:*:*:*:*:*:*
cpe:2.3:h:dell:alienware_x17_r1:-:*:*:*:*:*:*:*
cpe:2.3:h:dell:alienware_x17_r2:-:*:*:*:*:*:*:*
cpe:2.3:h:dell:aurora_r16:-:*:*:*:*:*:*:*
cpe:2.3:h:dell:inspiron_15_3510:-:*:*:*:*:*:*:*
cpe:2.3:h:dell:inspiron_15_3521:-:*:*:*:*:*:*:*
cpe:2.3:h:dell:inspiron_3502:-:*:*:*:*:*:*:*
cpe:2.3:h:dell:xps_8950:-:*:*:*:*:*:*:*
cpe:2.3:h:dell:xps_8960:-:*:*:*:*:*:*:*
cpe:2.3:o:dell:alienware_area_51m_r2_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:dell:alienware_aurora_r10_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:dell:alienware_aurora_r11_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:dell:alienware_aurora_r12_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:dell:alienware_aurora_r13_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:dell:alienware_aurora_r15_amd_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:dell:alienware_aurora_r15_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:dell:alienware_aurora_ryzen_edition_r14_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:dell:alienware_m15_r3_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:dell:alienware_m15_r4_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:dell:alienware_m17_r3_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:dell:alienware_m17_r4_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:dell:alienware_x14_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:dell:alienware_x15_r1_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:dell:alienware_x15_r2_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:dell:alienware_x17_r1_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:dell:alienware_x17_r2_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:dell:aurora_r16_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:dell:inspiron_15_3510_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:dell:inspiron_15_3521_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:dell:inspiron_3502_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:dell:xps_8950_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:dell:xps_8960_firmware:*:*:*:*:*:*:*:*
Vendors & Products Dell
Dell alienware Area 51m R2
Dell alienware Area 51m R2 Firmware
Dell alienware Aurora R10
Dell alienware Aurora R10 Firmware
Dell alienware Aurora R11
Dell alienware Aurora R11 Firmware
Dell alienware Aurora R12
Dell alienware Aurora R12 Firmware
Dell alienware Aurora R13
Dell alienware Aurora R13 Firmware
Dell alienware Aurora R15
Dell alienware Aurora R15 Amd
Dell alienware Aurora R15 Amd Firmware
Dell alienware Aurora R15 Firmware
Dell alienware Aurora Ryzen Edition R14
Dell alienware Aurora Ryzen Edition R14 Firmware
Dell alienware M15 R3
Dell alienware M15 R3 Firmware
Dell alienware M15 R4
Dell alienware M15 R4 Firmware
Dell alienware M17 R3
Dell alienware M17 R3 Firmware
Dell alienware M17 R4
Dell alienware M17 R4 Firmware
Dell alienware X14
Dell alienware X14 Firmware
Dell alienware X15 R1
Dell alienware X15 R1 Firmware
Dell alienware X15 R2
Dell alienware X15 R2 Firmware
Dell alienware X17 R1
Dell alienware X17 R1 Firmware
Dell alienware X17 R2
Dell alienware X17 R2 Firmware
Dell aurora R16
Dell aurora R16 Firmware
Dell inspiron 15 3510
Dell inspiron 15 3510 Firmware
Dell inspiron 15 3521
Dell inspiron 15 3521 Firmware
Dell inspiron 3502
Dell inspiron 3502 Firmware
Dell xps 8950
Dell xps 8950 Firmware
Dell xps 8960
Dell xps 8960 Firmware

Projects

Sign in to view the affected projects.

cve-icon MITRE

Status: PUBLISHED

Assigner: dell

Published:

Updated: 2024-08-02T02:20:35.591Z

Reserved: 2024-04-19T09:34:13.526Z

Link: CVE-2024-32856

cve-icon Vulnrichment

Updated: 2024-07-17T13:07:19.167Z

cve-icon NVD

Status : Modified

Published: 2024-06-13T12:15:10.647

Modified: 2024-11-21T09:15:52.000

Link: CVE-2024-32856

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

No data.

Weaknesses