CVE-2024-28970

Severity CVSS v4.0:
Pending analysis
Type:
CWE-787 Out-of-bounds Write
Publication date:
12/06/2024
Last modified:
18/09/2024

Description

Dell Client BIOS contains an Out-of-bounds Write vulnerability. A local authenticated malicious user with admin privileges could potentially exploit this vulnerability, leading to platform denial of service.

Vulnerable products and versions

CPE From Up to
cpe:2.3:o:dell:vostro_5502_firmware:*:*:*:*:*:*:*:* 1.30.0 (excluding)
cpe:2.3:h:dell:vostro_5502:-:*:*:*:*:*:*:*
cpe:2.3:o:dell:vostro_5402_firmware:*:*:*:*:*:*:*:* 1.30.0 (excluding)
cpe:2.3:h:dell:vostro_5402:-:*:*:*:*:*:*:*
cpe:2.3:o:dell:precision_3660_firmware:*:*:*:*:*:*:*:* 2.14.0 (excluding)
cpe:2.3:h:dell:precision_3660:-:*:*:*:*:*:*:*
cpe:2.3:o:dell:inspiron_5509_firmware:*:*:*:*:*:*:*:* 1.30.0 (excluding)
cpe:2.3:h:dell:inspiron_5509:-:*:*:*:*:*:*:*
cpe:2.3:o:dell:inspiron_5502_firmware:*:*:*:*:*:*:*:* 1.30.0 (excluding)
cpe:2.3:h:dell:inspiron_5502:-:*:*:*:*:*:*:*
cpe:2.3:o:dell:inspiron_5409_firmware:*:*:*:*:*:*:*:* 1.30.0 (excluding)
cpe:2.3:h:dell:inspiron_5409:-:*:*:*:*:*:*:*
cpe:2.3:o:dell:inspiron_5402_firmware:*:*:*:*:*:*:*:* 1.30.0 (excluding)
cpe:2.3:h:dell:inspiron_5402:-:*:*:*:*:*:*:*
cpe:2.3:o:dell:inspiron_27_7720_all-in-one_firmware:*:*:*:*:*:*:*:* 1.11.0 (excluding)


References to Advisories, Solutions, and Tools