CVE-2024-22429

Severity CVSS v4.0:
Pending analysis
Type:
CWE-20 Input Validation
Publication date:
17/05/2024
Last modified:
30/01/2025

Description

Dell BIOS contains an Improper Input Validation vulnerability. A local authenticated malicious user with admin privileges could potentially exploit this vulnerability, leading to arbitrary code execution.

Vulnerable products and versions

CPE From Up to
cpe:2.3:o:dell:edge_gateway_5000_firmware:*:*:*:*:*:*:*:* 1.28.0 (excluding)
cpe:2.3:h:dell:edge_gateway_5000:-:*:*:*:*:*:*:*
cpe:2.3:o:dell:precision_5820_tower_firmware:*:*:*:*:*:*:*:* 2.36.0 (excluding)
cpe:2.3:h:dell:precision_5820_tower:-:*:*:*:*:*:*:*
cpe:2.3:o:dell:edge_gateway_3000_firmware:*:*:*:*:*:*:*:* 1.18.0 (excluding)
cpe:2.3:h:dell:edge_gateway_3000:-:*:*:*:*:*:*:*
cpe:2.3:o:dell:embedded_box_pc_3000_firmware:*:*:*:*:*:*:*:* 1.24.0 (excluding)
cpe:2.3:h:dell:embedded_box_pc_3000:-:*:*:*:*:*:*:*
cpe:2.3:o:dell:embedded_box_pc_5000_firmware:*:*:*:*:*:*:*:* 1.25.0 (excluding)
cpe:2.3:h:dell:embedded_box_pc_5000:-:*:*:*:*:*:*:*
cpe:2.3:o:dell:latitude_12_rugged_extreme_7214_firmware:*:*:*:*:*:*:*:* 1.46.0 (excluding)
cpe:2.3:h:dell:latitude_12_rugged_extreme_7214:-:*:*:*:*:*:*:*
cpe:2.3:o:dell:latitude_13_3380_firmware:*:*:*:*:*:*:*:* 1.27.0 (excluding)
cpe:2.3:h:dell:latitude_13_3380:-:*:*:*:*:*:*:*
cpe:2.3:o:dell:latitude_3180_firmware:*:*:*:*:*:*:*:* 1.29.0 (excluding)