Dell Client Platform contains an incorrect authorization vulnerability. An attacker with physical access to the system could potentially exploit this vulnerability by bypassing BIOS authorization to modify settings in the BIOS.
References
| Link | Resource |
|---|---|
| https://www.dell.com/support/kbdoc/en-us/000224763/dsa-2024-122 | Vendor Advisory |
Configurations
Configuration 1 (hide)
| AND |
|
Configuration 2 (hide)
| AND |
|
Configuration 3 (hide)
| AND |
|
Configuration 4 (hide)
| AND |
|
Configuration 5 (hide)
| AND |
|
Configuration 6 (hide)
| AND |
|
Configuration 7 (hide)
| AND |
|
Configuration 8 (hide)
| AND |
|
Configuration 9 (hide)
| AND |
|
Configuration 10 (hide)
| AND |
|
Configuration 11 (hide)
| AND |
|
Configuration 12 (hide)
| AND |
|
Configuration 13 (hide)
| AND |
|
Configuration 14 (hide)
| AND |
|
Configuration 15 (hide)
| AND |
|
History
25 Sep 2024, 14:25
| Type | Values Removed | Values Added |
|---|---|---|
| First Time |
Dell precision 5550
Dell precision 5750 Dell precision 5550 Firmware Dell latitude 3510 Firmware Dell inspiron 7501 Firmware Dell latitude 3510 Dell latitude 3410 Firmware Dell g7 7500 Firmware Dell latitude 3520 Dell g5 5500 Dell g7 7700 Firmware Dell latitude 3410 Dell inspiron 7500 Firmware Dell xps 17 9700 Firmware Dell g3 3500 Firmware Dell Dell latitude 3520 Firmware Dell xps 15 9500 Firmware Dell g7 7500 Dell precision 5750 Firmware Dell vostro 7500 Dell g3 3500 Dell g7 7700 Dell g5 5500 Firmware Dell inspiron 7500 Dell inspiron 7501 Dell xps 17 9700 Dell latitude 3420 Dell latitude 3420 Firmware Dell vostro 7500 Firmware Dell xps 15 9500 |
|
| CVSS |
v2 : v3 : |
v2 : unknown
v3 : 6.8 |
| CPE | cpe:2.3:o:dell:inspiron_7500_firmware:*:*:*:*:*:*:*:* cpe:2.3:h:dell:latitude_3420:-:*:*:*:*:*:*:* cpe:2.3:h:dell:g5_5500:-:*:*:*:*:*:*:* cpe:2.3:o:dell:g7_7700_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:dell:latitude_3510_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:dell:xps_15_9500_firmware:*:*:*:*:*:*:*:* cpe:2.3:h:dell:vostro_7500:-:*:*:*:*:*:*:* cpe:2.3:h:dell:precision_5550:-:*:*:*:*:*:*:* cpe:2.3:h:dell:latitude_3510:-:*:*:*:*:*:*:* cpe:2.3:h:dell:precision_5750:-:*:*:*:*:*:*:* cpe:2.3:o:dell:inspiron_7501_firmware:*:*:*:*:*:*:*:* cpe:2.3:h:dell:xps_15_9500:-:*:*:*:*:*:*:* cpe:2.3:h:dell:inspiron_7500:-:*:*:*:*:*:*:* cpe:2.3:h:dell:g7_7700:-:*:*:*:*:*:*:* cpe:2.3:h:dell:g7_7500:-:*:*:*:*:*:*:* cpe:2.3:o:dell:latitude_3520_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:dell:vostro_7500_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:dell:g7_7500_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:dell:g5_5500_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:dell:latitude_3420_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:dell:xps_17_9700_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:dell:g3_3500_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:dell:precision_5550_firmware:*:*:*:*:*:*:*:* cpe:2.3:h:dell:g3_3500:-:*:*:*:*:*:*:* cpe:2.3:h:dell:xps_17_9700:-:*:*:*:*:*:*:* cpe:2.3:h:dell:latitude_3410:-:*:*:*:*:*:*:* cpe:2.3:h:dell:latitude_3520:-:*:*:*:*:*:*:* cpe:2.3:h:dell:inspiron_7501:-:*:*:*:*:*:*:* cpe:2.3:o:dell:precision_5750_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:dell:latitude_3410_firmware:*:*:*:*:*:*:*:* |
|
| References | () https://www.dell.com/support/kbdoc/en-us/000224763/dsa-2024-122 - Vendor Advisory |
12 Jun 2024, 07:15
| Type | Values Removed | Values Added |
|---|---|---|
| New CVE |
Information
Published : 2024-06-12 07:15
Updated : 2024-09-25 14:25
NVD link : CVE-2024-0160
Mitre link : CVE-2024-0160
JSON object : View
Products Affected
dell
- inspiron_7500_firmware
- latitude_3520_firmware
- g5_5500
- g3_3500
- inspiron_7500
- precision_5550
- xps_17_9700_firmware
- precision_5750_firmware
- latitude_3420_firmware
- latitude_3510_firmware
- g7_7500_firmware
- vostro_7500_firmware
- latitude_3410
- xps_15_9500
- xps_15_9500_firmware
- vostro_7500
- latitude_3420
- g7_7700_firmware
- precision_5550_firmware
- g3_3500_firmware
- latitude_3410_firmware
- latitude_3510
- precision_5750
- g7_7500
- xps_17_9700
- g7_7700
- g5_5500_firmware
- inspiron_7501_firmware
- inspiron_7501
- latitude_3520
CWE
CWE-863
Incorrect Authorization