Lucene search
K

Dell Client BIOS Weak Password Recovery Mechanism (DSA-2025-153)

🗓️ 23 Apr 2026 00:00:00Reported by TenableType 
nessus
 nessus
🔗 www.tenable.com👁 6 Views

Dell Client Platform firmware weak password recovery enables unauthorized access with physical access; patch DSA-2025-153.

Related
Refs
Code
ReporterTitlePublishedViews
Family
ATTACKERKB
CVE-2025-36579
16 Apr 202616:05
attackerkb
Circl
CVE-2025-36579
16 Apr 202618:14
circl
CNNVD
Dell Client Platform BIOS 安全漏洞
16 Apr 202600:00
cnnvd
CVE
CVE-2025-36579
16 Apr 202616:05
cve
Cvelist
CVE-2025-36579
16 Apr 202616:05
cvelist
EUVD
EUVD-2025-209501
16 Apr 202618:31
euvd
NVD
CVE-2025-36579
16 Apr 202617:16
nvd
Positive Technologies
PT-2026-33341
16 Apr 202600:00
ptsecurity
Vulnrichment
CVE-2025-36579
16 Apr 202616:05
vulnrichment
#%NASL_MIN_LEVEL 80900
##
# (C) Tenable, Inc.
##

include('compat.inc');

if (description)
{
  script_id(309963);
  script_version("1.2");
  script_set_attribute(attribute:"plugin_modification_date", value:"2026/04/27");

  script_cve_id("CVE-2025-36579");
  script_xref(name:"IAVA", value:"2026-A-0367");

  script_name(english:"Dell Client BIOS Weak Password Recovery Mechanism (DSA-2025-153)");

  script_set_attribute(attribute:"synopsis", value:
"The remote device is missing a vendor-supplied security patch.");
  script_set_attribute(attribute:"description", value:
"Dell Client Platform BIOS contains a Weak Password Recovery Mechanism vulnerability. An unauthenticated attacker with
physical access to the system could potentially exploit this vulnerability, leading to unauthorized access.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version
number.");
  # https://www.dell.com/support/kbdoc/en-us/000300450/dsa-2025-153
  script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?dcbf7021");
  script_set_attribute(attribute:"solution", value:
"Apply the security patch in accordance with the vendor advisory.");
  script_set_cvss_base_vector("CVSS2#AV:L/AC:L/Au:N/C:P/I:P/A:P");
  script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
  script_set_cvss3_base_vector("CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:L");
  script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
  script_set_attribute(attribute:"cvss_score_source", value:"CVE-2025-36579");

  script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"false");

  script_set_attribute(attribute:"vuln_publication_date", value:"2026/04/16");
  script_set_attribute(attribute:"patch_publication_date", value:"2026/04/16");
  script_set_attribute(attribute:"plugin_publication_date", value:"2026/04/23");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:dell:bios");
  script_set_attribute(attribute:"stig_severity", value:"I");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_family(english:"Windows");

  script_copyright(english:"This script is Copyright (C) 2026 and is owned by Tenable, Inc. or an Affiliate thereof.");

  script_dependencies("bios_get_info_wmi.nbin");
  script_require_keys("BIOS/Model", "BIOS/Version", "BIOS/Vendor");

  exit(0);
}

include('vcf_extras.inc');

var app_name = 'Dell Inc.';
var app_info = vcf::dell_bios_win::get_app_info(app:app_name);
var model = app_info['model'];

if (!model)
  exit(0, 'The model of the device running the Dell BIOS could not be identified.');

var model_fixes = {
  'Alienware 16 Area-51 AA16250': '1.9.0',
  'Alienware 16X Aurora AC16251': '1.8.1',
  'Alienware 18 Area-51 AA18250': '1.9.0',
  'Alienware Area-51 AAT2250': '1.11.0',
  'Alienware Aurora ACT1250': '1.10.0',
  'Alienware m15 R6': '1.42.0',
  'Alienware m15 R7': '1.37.0',
  'Alienware m16 R1': '1.32.0',
  'Alienware m16 R2': '1.18.0',
  'Alienware m18 R1': '1.32.0',
  'Alienware M18 R2': '1.20.0',
  'Alienware x14 R2': '1.30.1',
  'Alienware x16 R1': '1.30.1',
  'Alienware X16 R2': '1.18.1',
  'ChengMing 3900': '1.37.0',
  'ChengMing 3910': '1.32.0',
  'ChengMing 3911': '1.32.0',
  'ChengMing 3990': '1.35.1',
  'ChengMing 3991': '1.35.1',
  'Dell 14 DC14250': '1.4.0',
  'Dell 14 Premium DA14250': '1.5.1',
  'Dell 15 DC15250': '1.6.0',
  'Dell 16 DC16250': '1.7.0',
  'Dell 16 DC16251': '1.7.0',
  'Dell 16 Premium DA16250': '1.7.0',
  'Dell G15 5510': '1.38.0',
  'Dell G15 5511': '1.41.0',
  'Dell G15 5520': '1.38.0',
  'Dell G15 5530': '1.30.0',
  'Dell G16 7620': '1.38.0',
  'Dell G16 7630': '1.30.0',
  'Dell G5 5000': '1.28.2',
  'Dell Pro 13 Plus PB13250': '2.8.1',
  'Dell Pro 13 Plus PB13255': '1.9.1',
  'Dell Pro 13 Premium PA13250': '2.8.1',
  'Dell Pro 14 Essential PV14250': '1.4.0',
  'Dell Pro 14 PC14250': '1.10.2',
  'Dell Pro 14 Plus PB14250': '2.8.1',
  'Dell Pro 14 Plus PB14255': '1.9.1',
  'Dell Pro 14 Premium PA14250': '2.8.1',
  'Dell Pro 15 Essential PV15250': '1.2.0',
  'Dell Pro 16 PC16250': '1.10.2',
  'Dell Pro 16 Plus PB16250': '2.8.1',
  'Dell Pro 16 Plus PB16255': '1.9.1',
  'Dell Pro 24 All-in-One Plus': '1.10.1',
  'Dell Pro 24 All-in-One': '1.10.1',
  'Dell Pro Laptop PC14250': '1.10.2',
  'Dell Pro Laptop PC16250': '1.10.2',
  'Dell Pro Max 14 MC14250': '1.9.0',
  'Dell Pro Max 14 MC14255': '1.6.2',
  'Dell Pro Max 16 MC16250': '1.9.0',
  'Dell Pro Max 16 MC16255': '1.6.2',
  'Dell Pro Max Micro FCM2250': '1.10.1',
  'Dell Pro Max Slim FCS1250': '1.10.1',
  'Dell Pro Max Tower T2 FCT2250': '1.10.1',
  'Dell Pro Micro': '1.9.1',
  'QCM1255': '1.9.1',
  'Dell Pro Micro QCM1250': '1.10.1',
  'Dell Pro Micro Plus QBM1250': '1.10.1',
  'Dell Pro Rugged 13 RA13250': '1.12.1',
  'Dell Pro Rugged 14 RB14250': '1.12.1',
  'Dell Pro Slim': '1.9.1',
  'QCS1255': '1.9.1',
  'Dell Pro Slim Essential QVS1260': '1.10.1',
  'Dell Pro Slim Plus QBS1250': '1.10.1',
  'Dell Pro Slim QCS1250': '1.10.1',
  'Dell Pro Tower': '1.9.1',
  'QCT1255': '1.9.1',
  'Dell Pro Tower Essential QVT1260': '1.10.1',
  'Dell Pro Tower Plus QBT1250': '1.10.1',
  'Dell Pro Tower QCT1250': '1.10.1',
  'Dell Slim ECS1250': '1.10.1',
  'Dell Tower ECT1250': '1.10.1',
  'Dell Tower Plus EBT2250': '1.11.0',
  'Inspiron 13 5320': '1.30.0',
  'Inspiron 13 5330': '1.28.0',
  'Inspiron 14 5420': '1.33.0',
  'Inspiron 14 5430': '1.26.0',
  'Inspiron 14 5440': '1.19.0',
  'Inspiron 14 7420 2-in-1': '1.31.0',
  'Inspiron 14 7430 2-in-1': '1.26.0',
  'Inspiron 14 7440 2-in-1': '1.19.0',
  'Inspiron 14 Plus 7420': '1.34.0',
  'Inspiron 14 Plus 7430': '1.26.0',
  'Inspiron 14 Plus 7440': '1.22.0',
  'Inspiron 15 3511': '1.43.0',
  'Inspiron 15 3520': '1.39.0',
  'Inspiron 16 5620': '1.33.0',
  'Inspiron 16 5630': '1.26.0',
  'Inspiron 16 5640': '1.18.0',
  'Inspiron 16 7610': '1.36.0',
  'Inspiron 16 7620 2-in-1': '1.31.0',
  'Inspiron 16 7630 2-in-1': '1.26.0',
  'Inspiron 16 7640 2-in-1': '1.18.0',
  'Inspiron 16 Plus 7620': '1.34.0',
  'Inspiron 16 Plus 7630': '1.26.0',
  'Inspiron 16 Plus 7640': '1.22.0',
  'Inspiron 24 5420 All-in-One': '1.25.0',
  'Inspiron 24 5430 All-in-One': '1.18.0',
  'Inspiron 27 7720 All-in-One': '1.25.0',
  'Inspiron 27 7730 All-in-One': '1.18.0',
  'Inspiron 3020 Desktop': '1.32.0',
  'Inspiron 3020 Small Desktop': '1.32.0',
  'Inspiron 3030': '1.22.1',
  'Inspiron 3030S': '1.22.1',
  'Inspiron 3910': '1.37.0',
  'Inspiron 5400': '1.37.0',
  'Inspiron 5401': '1.37.0',
  'Inspiron 5401 AIO': '1.37.0',
  'Inspiron 5410 All-in-One': '1.35.0',
  'Inspiron 5510': '2.39.0',
  'Inspiron 7700 All-In-One': '1.37.0',
  'Inspiron 7710 All-in-One': '1.35.0',
  'Latitude 3120': '1.35.1',
  'Latitude 3140': '1.28.1',
  'Latitude 3140 2in1': '1.28.1',
  'Latitude 3320': '1.41.0',
  'Latitude 3330': '1.33.0',
  'Latitude 3340': '1.29.0',
  'Latitude 3410': '1.36.0',
  'Latitude 3420': '1.46.0',
  'Latitude 3430': '1.32.0',
  'Latitude 3440': '1.29.0',
  'Latitude 3450': '1.20.0',
  'Latitude 3510': '1.36.0',
  'Latitude 3520': '1.46.0',
  'Latitude 3530': '1.32.0',
  'Latitude 3540': '1.29.0',
  'Latitude 3550': '1.20.0',
  'Latitude 5300': '1.36.0',
  'Latitude 5300 2-in-1': '1.36.0',
  'Latitude 5310': '1.30.0',
  'Latitude 5310 2-in-1': '1.30.0',
  'Latitude 5320': '1.48.0',
  'Latitude 5330': '1.33.0',
  'Latitude 5340': '1.27.1',
  'Latitude 5350': '1.19.1',
  'Latitude 5400': '1.39.2',
  'Latitude 5401': '1.40.1',
  'Latitude 5410': '1.36.1',
  'Latitude 5411': '1.37.1',
  'Latitude 5420': '1.50.0',
  'Latitude 5421': '1.43.0',
  'Latitude 5430': '1.35.0',
  'Latitude 5430 Rugged Laptop': '1.41.0',
  'Latitude 5431': '1.36.0',
  'Latitude 5440': '1.28.1',
  'Latitude 5450': '1.20.1',
  'Latitude 5500': '1.39.2',
  'Latitude 5501': '1.40.1',
  'Latitude 5510': '1.36.1',
  'Latitude 5511': '1.37.1',
  'Latitude 5520': '1.48.0',
  'Latitude 5521': '1.40.0',
  'Latitude 5530': '1.33.0',
  'Latitude 5531': '1.33.0',
  'Latitude 5540': '1.27.1',
  'Latitude 5550': '1.19.1',
  'Latitude 7030 Rugged Extreme': '1.21.1',
  'Latitude 7200 2-In-1': '1.37.0',
  'Latitude 7210 2-in-1': '1.38.0',
  'Latitude 7220 Rugged Extreme': '1.45.1',
  'Latitude 7230 Rugged Extreme': '1.30.1',
  'Latitude 7300': '1.40.1',
  'Latitude 7310': '1.39.1',
  'Latitude 7320': '1.47.0',
  'Latitude 7320 Detachable': '1.44.0',
  'Latitude 7330': '1.37.0',
  'Latitude 7330 Rugged Laptop': '1.41.0',
  'Latitude 7340': '1.28.0',
  'Latitude 7350': '1.19.1',
  'Latitude 7350 Detachable': '1.19.0',
  'Latitude 7400': '1.40.1',
  'Latitude 7410': '1.39.1',
  'Latitude 7420': '1.47.0',
  'Latitude 7430': '1.37.0',
  'Latitude 7440': '1.28.1',
  'Latitude 7450': '1.19.2',
  'Latitude 7520': '1.47.0',
  'Latitude 7530': '1.37.0',
  'Latitude 7640': '1.28.1',
  'Latitude 7650': '1.19.2',
  'Latitude 9330': '1.34.0',
  'Latitude 9410': '1.37.1',
  'Latitude 9420': '1.44.0',
  'Latitude 9430': '1.37.0',
  'Latitude 9440 2-in-1': '1.27.0',
  'Latitude 9450': '1.18.1',
  'Latitude 9510 2in1': '1.36.0',
  'Latitude 9520': '1.44.0',
  'Latitude Rugged 7220EX': '1.45.1',
  'OptiPlex 3000 Micro': '1.37.0',
  'OptiPlex 3000 Small Form Factor': '1.37.0',
  'OptiPlex 3000 Tower': '1.37.0',
  'OptiPlex 3000 Thin Client': '1.31.1',
  'OptiPlex 3080': '2.33.0',
  'OptiPlex 3090': '2.27.0',
  'OptiPlex 3280 All-in-One': '1.38.0',
  'OptiPlex 5000 Micro': '1.37.0',
  'OptiPlex 5000 Small Form Factor': '1.37.0',
  'OptiPlex 5000 Tower': '1.37.0',
  'OptiPlex 5080': '1.33.0',
  'OptiPlex 5090 Micro': '1.40.0',
  'OptiPlex 5090 Small Form Factor': '1.40.0',
  'OptiPlex 5090 Tower': '1.40.0',
  'OptiPlex 5400 All-In-One': '1.1.55',
  'OptiPlex 5480 All-in-One': '1.39.0',
  'OptiPlex 5490 AIO': '1.45.0',
  'OptiPlex 7000 Micro': '1.38.0',
  'OptiPlex 7000 Small Form Factor': '1.38.0',
  'OptiPlex 7000 Tower': '1.38.0',
  'OptiPlex 7000 XE Micro': '1.38.0',
  'OptiPlex 7080': '1.36.0',
  'OptiPlex 7090 Tower': '1.40.0',
  'OptiPlex 7400 All-In-One': '1.1.55',
  'OptiPlex 7480 All-in-One': '1.39.0',
  'OptiPlex 7490 AIO': '1.45.0',
  'OptiPlex 7780 All-in-One': '1.39.0',
  'OptiPlex AIO 7420': '1.23.0',
  'OptiPlex All-in-One 7410': '1.33.0',
  'OptiPlex Micro 7010': '1.33.0',
  'OptiPlex Micro Plus 7010': '1.33.0',
  'OptiPlex Micro 7020': '1.23.1',
  'OptiPlex SFF 7020': '1.23.1',
  'OptiPlex Small Form Factor 7010': '1.33.0',
  'OptiPlex Small Form Factor Plus 7010': '1.33.0',
  'OptiPlex Tower 7010': '1.33.0',
  'OptiPlex Tower Plus 7010': '1.33.0',
  'OptiPlex Tower 7020': '1.22.1',
  'OptiPlex XE4 SFF': '1.38.0',
  'OptiPlex XE4 Tower': '1.38.0',
  'PC14255': '1.9.4',
  'PC16255': '1.9.4',
  'Precision 3240 CFF': '1.35.0',
  'Precision 3260 XE Compact': '3.23.1',
  'Precision 3260 Compact': '3.23.1',
  'Precision 3280 CFF': '1.20.1',
  'Precision 3440': '1.36.0',
  'Precision 3450': '1.40.0',
  'Precision 3460 XE Small Form Factor': '3.23.1',
  'Precision 3460 Small Form Factor': '3.23.1',
  'Precision 3470': '1.36.0',
  'Precision 3480': '1.28.1',
  'Precision 3490': '1.20.1',
  'Precision 3540': '1.39.2',
  'Precision 3541': '1.40.1',
  'Precision 3550': '1.36.1',
  'Precision 3551': '1.37.1',
  'Precision 3560': '1.48.0',
  'Precision 3561': '1.40.0',
  'Precision 3570': '1.33.0',
  'Precision 3571': '1.33.0',
  'Precision 3580': '1.27.1',
  'Precision 3581': '1.27.1',
  'Precision 3590': '1.19.1',
  'Precision 3591': '1.19.1',
  'Precision 3640': '1.39.0',
  'Precision 3650 MT': '1.45.0',
  'Precision 5470': '1.36.0',
  'Precision 5480': '1.25.1',
  'Precision 5490': '1.18.1',
  'Precision 5550': '1.36.1',
  'Precision 5560': '1.44.1',
  'Precision 5570': '1.38.0',
  'Precision 5680': '1.27.0',
  'Precision 5690': '1.20.0',
  'Precision 5750': '1.36.0',
  'Precision 5760': '1.38.0',
  'Precision 5770': '1.37.0',
  'Precision 5860 Tower': '3.4.1',
  'Precision 7540': '1.41.1',
  'Precision 7550': '1.39.1',
  'Precision 7560': '1.44.1',
  'Precision 7670': '1.35.0',
  'Precision 7680': '1.27.1',
  'Precision 7740': '1.41.1',
  'Precision 7750': '1.39.1',
  'Precision 7760': '1.44.1',
  'Precision 7770': '1.35.0',
  'Precision 7780': '1.27.1',
  'Precision 7960 Tower': '2.16.1',
  'Vostro 14 3420': '1.39.0',
  'Vostro 14 3440': '1.19.0',
  'Vostro 14 5410': '2.39.0',
  'Vostro 15 3510': '1.43.0',
  'Vostro 15 3520': '1.39.0',
  'Vostro 15 5510': '2.39.0',
  'Vostro 15 7510': '1.36.0',
  'Vostro 16 5630': '1.26.0',
  'Vostro 16 5640': '1.18.0',
  'Vostro 3030': '1.22.1',
  'Vostro 3030S': '1.22.1',
  'Vostro 3681': '2.35.1',
  'Vostro 3690': '1.40.0',
  'Vostro 3710': '1.37.0',
  'Vostro 3881': '2.35.1',
  'Vostro 3888': '2.35.1',
  'Vostro 3890': '1.40.0',
  'Vostro 3910': '1.37.0',
  'Vostro 5320': '1.30.0',
  'Vostro 5620': '1.33.0',
  'Vostro 5890': '1.40.0',
  'Vostro 7620': '1.34.0',
  'XPS 13 2in1 9310': '2.33.1',
  'XPS 13 9305': '1.30.0',
  'XPS 13 9310': '3.31.0',
  'XPS 13 9315': '1.35.0',
  'XPS 13 9340': '1.23.0',
  'XPS 13 9350': '1.16.1',
  'XPS 13 Plus 9320': '2.27.0',
  'XPS 14 9440': '1.21.0',
  'XPS 15 9500': '1.36.1',
  'XPS 15 9510': '1.44.1',
  'XPS 15 9520': '1.38.0',
  'XPS 15 9530': '1.29.0',
  'XPS 16 9640': '1.20.0',
  'XPS 17 9710': '1.38.0',
  'XPS 17 9720': '1.37.0',
  'XPS 17 9730': '1.25.0',
  'XPS 9315 2-in-1': '1.27.0',
  'XPS 9320': '2.27.0'
};

var fix = model_fixes[model];
if (isnull(fix))
  audit(AUDIT_HOST_NOT, 'an affected model');

var constraints = [{ 'fixed_version' : fix, 'fixed_display': fix + ' for ' + model }];
app_info.app = 'Dell System BIOS for ' + model;

vcf::check_version_and_report(app_info:app_info, constraints:constraints, severity:SECURITY_WARNING);

Data

Build on a solid foundation with Vulners data

We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data

Api

Power your application with Vulners API

The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access

App

Assess and manage vulnerabilities with Vulners tools

Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation

27 Apr 2026 00:00Current
5.3Medium risk
Vulners AI Score5.3
CVSS 3.15.1
EPSS0.00176
SSVC
6