CVE-2024-32855
Severity CVSS v4.0:
Pending analysis
Type:
CWE-787
Out-of-bounds Write
Publication date:
25/06/2024
Last modified:
04/02/2025
Description
Dell Client Platform BIOS contains an Out-of-bounds Write vulnerability in an externally developed component. A high privileged attacker with local access could potentially exploit this vulnerability, leading to Information tampering.
Impact
Base Score 3.x
3.80
Severity 3.x
LOW
Vulnerable products and versions
| CPE | From | Up to |
|---|---|---|
| cpe:2.3:o:dell:inspiron_3480_firmware:*:*:*:*:*:*:*:* | 1.30.0 (excluding) | |
| cpe:2.3:h:dell:inspiron_3480:-:*:*:*:*:*:*:* | ||
| cpe:2.3:o:dell:inspiron_3580_firmware:*:*:*:*:*:*:*:* | 1.30.0 (excluding) | |
| cpe:2.3:h:dell:inspiron_3580:-:*:*:*:*:*:*:* | ||
| cpe:2.3:o:dell:latitude_3120_firmware:*:*:*:*:*:*:*:* | 1.26.0 (excluding) | |
| cpe:2.3:h:dell:latitude_3120:-:*:*:*:*:*:*:* | ||
| cpe:2.3:o:dell:latitude_3190_firmware:*:*:*:*:*:*:*:* | 1.34.0 (excluding) | |
| cpe:2.3:h:dell:latitude_3190:-:*:*:*:*:*:*:* | ||
| cpe:2.3:o:dell:latitude_3190_2-in-1_firmware:*:*:*:*:*:*:*:* | 1.34.0 (excluding) | |
| cpe:2.3:h:dell:latitude_3190_2-in-1:-:*:*:*:*:*:*:* | ||
| cpe:2.3:o:dell:latitude_3300_firmware:*:*:*:*:*:*:*:* | 1.28.0 (excluding) | |
| cpe:2.3:h:dell:latitude_3300:-:*:*:*:*:*:*:* | ||
| cpe:2.3:o:dell:latitude_3310_firmware:*:*:*:*:*:*:*:* | 1.25.0 (excluding) | |
| cpe:2.3:h:dell:latitude_3310:-:*:*:*:*:*:*:* | ||
| cpe:2.3:o:dell:latitude_3310_2-in-1_firmware:*:*:*:*:*:*:*:* | 1.24.0 (excluding) |
To consult the complete list of CPE names with products and versions, see this page