Lucene search
DellCVE-2024-38483HistoryAug 14, 2024 - 10:15 a.m.
CVE-2024-38483
2024-08-1410:15:06
CWE-20
dell
web.nvd.nist.gov
28
dell
bios
input validation
vulnerability
code execution
CVSS3
6.7
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
HIGH
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
AI Score
5.5
Confidence
High
EPSS
0
Percentile
9.5%
Dell BIOS contains an Improper Input Validation vulnerability in an externally developed component. A high privileged attacker with local access could potentially exploit this vulnerability, leading to Code execution.
Affected configurations
Node
delllatitude_5290_2-in-1_firmwareRange<1.35.0
delllatitude_5290_2-in-1Match-
Node
dellprecision_3420_tower_firmwareRange<2.32.0
dellprecision_3420Match-
Node
dellprecision_3620_firmwareRange<2.32.0
dellprecision_3620_towerMatch-
Node
dellwyse_7040_thin_client_firmwareRange<1.26.0
dellwyse_7040_thin_clientMatch-
Node
dellprecision_7720_firmwareRange<1.37.0
dellprecision_7720Match-
Node
dellprecision_7520_firmwareMatch1.37.0
dellprecision_7520Match-
Node
dellprecision_5530_2-in-1_firmwareRange<1.32.8
dellprecision_5530_2-in-1Match-
Node
dellprecision_5520_firmwareRange<1.39.0
dellprecision_5520Match-
Node
dellprecision_3520_firmwareRange<1.37.0
dellprecision_3520Match-
Node
delloptiplex_7450_all-in-one_firmwareRange<1.34.0
delloptiplex_7450_all-in-oneMatch-
Node
delloptiplex_5050_firmwareRange<1.31.0
delloptiplex_5050Match-
Node
delloptiplex_3050_all-in-one_firmwareRange<1.34.0
delloptiplex_3050_all-in-oneMatch-
Node
delloptiplex_3050_firmwareRange<1.31.0
delloptiplex_3050Match-
Node
delllatitude_7490_firmwareRange<1.39.0
delllatitude_7490Match-
Node
delllatitude_7480_firmwareRange<1.38.0
delllatitude_7480Match-
Node
delllatitude_7424_rugged_extreme_firmwareRange<1.34.0
delllatitude_7424_rugged_extremeMatch-
Node
delllatitude_7414_rugged_firmwareRange<1.47.0
delllatitude_7414_ruggedMatch-
Node
delllatitude_7390_2-in-1_firmwareRange<1.36.0
delllatitude_7390_2-in-1Match-
Node
delllatitude_7390_firmwareRange<1.39.0
delllatitude_7390Match-
Node
delllatitude_7380_firmwareRange<1.38.0
delllatitude_7380Match-
Node
delllatitude_7290_firmwareRange<1.39.0
delllatitude_7290Match-
Node
delllatitude_7285_2-in-1_firmwareRange<1.27.0
delllatitude_7285_2-in-1Match-
Node
delllatitude_7280_firmwareRange<1.38.0
delllatitude_7280Match-
Node
delllatitude_7212_rugged_extreme_tablet_firmwareRange<1.51.0
delllatitude_7212_rugged_extreme_tabletMatch-
Node
delllatitude_5590_firmwareRange<1.36.0
delllatitude_5590Match-
Node
delllatitude_5580_firmwareRange<1.37.0
delllatitude_5580Match-
Node
delllatitude_5490_firmwareRange<1.36.0
delllatitude_5490Match-
Node
delllatitude_5488_firmwareRange<1.37.0
delllatitude_5488Match-
Node
delllatitude_5480_firmwareRange<1.37.0
delllatitude_5480Match-
Node
delllatitude_5424_rugged_firmwareRange<1.34.0
delllatitude_5424_ruggedMatch-
Node
delllatitude_5420_rugged_firmwareRange<1.34.0
delllatitude_5420_ruggedMatch-
Node
delllatitude_5414_rugged_firmwareRange<1.47.0
delllatitude_5414_ruggedMatch-
Node
delllatitude_5400_firmwareRange<1.32.0
delllatitude_5400Match-
Node
delllatitude_5290_firmwareRange<1.36.0
delllatitude_5290Match-
Node
delllatitude_5288_firmwareRange<1.37.0
delllatitude_5288Match-
Node
delllatitude_5280_firmwareRange<1.37.0
delllatitude_5280Match-
Node
delllatitude_3390_2-in-1_firmwareRange<1.32.0
delllatitude_3390_2-in-1Match-
Node
delllatitude_3300_firmwareRange<1.29.0
delllatitude_3300Match-
Node
delllatitude_13_3380_firmwareRange<1.28.0
delllatitude_13_3380Match-
Node
delllatitude_12_rugged_extreme_7214_firmwareRange<1.47.0
delllatitude_12_rugged_extreme_7214Match-
Node
dellembedded_box_pc_5000_firmwareRange<1.26.0
dellembedded_box_pc_5000Match-
| Vendor | Product | Version | CPE |
|---|---|---|---|
| dell | latitude_5290_2-in-1_firmware | * | cpe:2.3:o:dell:latitude_5290_2-in-1_firmware:*:*:*:*:*:*:*:* |
| dell | latitude_5290_2-in-1 | - | cpe:2.3:h:dell:latitude_5290_2-in-1:-:*:*:*:*:*:*:* |
| dell | precision_3420_tower_firmware | * | cpe:2.3:o:dell:precision_3420_tower_firmware:*:*:*:*:*:*:*:* |
| dell | precision_3420 | - | cpe:2.3:h:dell:precision_3420:-:*:*:*:*:*:*:* |
| dell | precision_3620_firmware | * | cpe:2.3:o:dell:precision_3620_firmware:*:*:*:*:*:*:*:* |
| dell | precision_3620_tower | - | cpe:2.3:h:dell:precision_3620_tower:-:*:*:*:*:*:*:* |
| dell | wyse_7040_thin_client_firmware | * | cpe:2.3:o:dell:wyse_7040_thin_client_firmware:*:*:*:*:*:*:*:* |
| dell | wyse_7040_thin_client | - | cpe:2.3:h:dell:wyse_7040_thin_client:-:*:*:*:*:*:*:* |
| dell | precision_7720_firmware | * | cpe:2.3:o:dell:precision_7720_firmware:*:*:*:*:*:*:*:* |
| dell | precision_7720 | - | cpe:2.3:h:dell:precision_7720:-:*:*:*:*:*:*:* |
CNA Affected
[
{
"defaultStatus": "unaffected",
"product": "Dell Client Platform BIOS",
"vendor": "Dell",
"versions": [
{
"lessThan": "1.35.0",
"status": "affected",
"version": "N/A",
"versionType": "semver"
},
{
"lessThan": "2.32.0",
"status": "affected",
"version": "N/A",
"versionType": "semver"
},
{
"lessThan": "1.26.0",
"status": "affected",
"version": "N/A",
"versionType": "semver"
}
]
}
]Related
nvd
nvd
CVE-2024-38483
2024-08-14 10:15:06
cvelist
cvelist
CVE-2024-38483
2024-08-14 09:24:10
vulnrichment
vulnrichment
CVE-2024-38483
2024-08-14 09:24:10
nessus
nessus
Dell Client BIOS Improper Input validation (DSA-2024-260)
2024-08-23 00:00:00
CVSS3
6.7
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
HIGH
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
AI Score
5.5
Confidence
High
EPSS
0
Percentile
9.5%
Related for CVE-2024-38483