CVE-2024-38483
Severity CVSS v4.0:
Pending analysis
Type:
Unavailable / Other
Publication date:
14/08/2024
Last modified:
18/09/2024
Description
Dell BIOS contains an Improper Input Validation vulnerability in an externally developed component. A high privileged attacker with local access could potentially exploit this vulnerability, leading to Code execution.
Impact
Base Score 3.x
6.70
Severity 3.x
MEDIUM
Vulnerable products and versions
| CPE | From | Up to |
|---|---|---|
| cpe:2.3:o:dell:latitude_5290_2-in-1_firmware:*:*:*:*:*:*:*:* | 1.35.0 (excluding) | |
| cpe:2.3:h:dell:latitude_5290_2-in-1:-:*:*:*:*:*:*:* | ||
| cpe:2.3:o:dell:precision_3420_tower_firmware:*:*:*:*:*:*:*:* | 2.32.0 (excluding) | |
| cpe:2.3:h:dell:precision_3420:-:*:*:*:*:*:*:* | ||
| cpe:2.3:o:dell:precision_3620_firmware:*:*:*:*:*:*:*:* | 2.32.0 (excluding) | |
| cpe:2.3:h:dell:precision_3620_tower:-:*:*:*:*:*:*:* | ||
| cpe:2.3:o:dell:wyse_7040_thin_client_firmware:*:*:*:*:*:*:*:* | 1.26.0 (excluding) | |
| cpe:2.3:h:dell:wyse_7040_thin_client:-:*:*:*:*:*:*:* | ||
| cpe:2.3:o:dell:precision_7720_firmware:*:*:*:*:*:*:*:* | 1.37.0 (excluding) | |
| cpe:2.3:h:dell:precision_7720:-:*:*:*:*:*:*:* | ||
| cpe:2.3:o:dell:precision_7520_firmware:1.37.0:*:*:*:*:*:*:* | ||
| cpe:2.3:h:dell:precision_7520:-:*:*:*:*:*:*:* | ||
| cpe:2.3:o:dell:precision_5530_2-in-1_firmware:*:*:*:*:*:*:*:* | 1.32.8 (excluding) | |
| cpe:2.3:h:dell:precision_5530_2-in-1:-:*:*:*:*:*:*:* | ||
| cpe:2.3:o:dell:precision_5520_firmware:*:*:*:*:*:*:*:* | 1.39.0 (excluding) |
To consult the complete list of CPE names with products and versions, see this page