Dell Client BIOS contains an Out-of-bounds Write vulnerability. A local authenticated malicious user with admin privileges could potentially exploit this vulnerability, leading to platform denial of service.
References
| Link | Resource |
|---|---|
| https://www.dell.com/support/kbdoc/en-us/000225476/dsa-2024-168 | Vendor Advisory |
| https://www.dell.com/support/kbdoc/en-us/000225476/dsa-2024-168 | Vendor Advisory |
Configurations
Configuration 1 (hide)
| AND |
|
Configuration 2 (hide)
| AND |
|
Configuration 3 (hide)
| AND |
|
Configuration 4 (hide)
| AND |
|
Configuration 5 (hide)
| AND |
|
Configuration 6 (hide)
| AND |
|
Configuration 7 (hide)
| AND |
|
Configuration 8 (hide)
| AND |
|
Configuration 9 (hide)
| AND |
|
Configuration 10 (hide)
| AND |
|
Configuration 11 (hide)
| AND |
|
Configuration 12 (hide)
| AND |
|
Configuration 13 (hide)
| AND |
|
Configuration 14 (hide)
| AND |
|
History
21 Nov 2024, 09:07
| Type | Values Removed | Values Added |
|---|---|---|
| CVSS |
v2 : v3 : |
v2 : unknown
v3 : 4.7 |
| References | () https://www.dell.com/support/kbdoc/en-us/000225476/dsa-2024-168 - Vendor Advisory |
18 Sep 2024, 13:04
| Type | Values Removed | Values Added |
|---|---|---|
| References | () https://www.dell.com/support/kbdoc/en-us/000225476/dsa-2024-168 - Vendor Advisory | |
| CPE | cpe:2.3:h:dell:vostro_5402:-:*:*:*:*:*:*:* cpe:2.3:o:dell:inspiron_5402_firmware:*:*:*:*:*:*:*:* cpe:2.3:h:dell:inspiron_5509:-:*:*:*:*:*:*:* cpe:2.3:o:dell:g7_7500_firmware:*:*:*:*:*:*:*:* cpe:2.3:h:dell:precision_3660:-:*:*:*:*:*:*:* cpe:2.3:o:dell:vostro_5402_firmware:*:*:*:*:*:*:*:* cpe:2.3:h:dell:inspiron_5409:-:*:*:*:*:*:*:* cpe:2.3:o:dell:inspiron_27_7720_all-in-one_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:dell:g7_7700_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:dell:inspiron_14_plus_7440_firmware:*:*:*:*:*:*:*:* cpe:2.3:h:dell:inspiron_5502:-:*:*:*:*:*:*:* cpe:2.3:o:dell:inspiron_5502_firmware:*:*:*:*:*:*:*:* cpe:2.3:h:dell:inspiron_16_plus_7640:-:*:*:*:*:*:*:* cpe:2.3:o:dell:vostro_5502_firmware:*:*:*:*:*:*:*:* cpe:2.3:h:dell:inspiron_24_5420_all-in-one:-:*:*:*:*:*:*:* cpe:2.3:h:dell:inspiron_27_7720_all-in-one:-:*:*:*:*:*:*:* cpe:2.3:h:dell:vostro_5502:-:*:*:*:*:*:*:* cpe:2.3:h:dell:g7_7700:-:*:*:*:*:*:*:* cpe:2.3:o:dell:inspiron_5509_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:dell:inspiron_16_plus_7640_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:dell:precision_3660_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:dell:inspiron_16_7640_2-in-1_firmware:*:*:*:*:*:*:*:* cpe:2.3:h:dell:inspiron_16_7640_2-in-1:-:*:*:*:*:*:*:* cpe:2.3:o:dell:inspiron_5409_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:dell:inspiron_24_5420_all-in-one_firmware:*:*:*:*:*:*:*:* cpe:2.3:h:dell:inspiron_14_plus_7440:-:*:*:*:*:*:*:* cpe:2.3:h:dell:g7_7500:-:*:*:*:*:*:*:* cpe:2.3:h:dell:inspiron_5402:-:*:*:*:*:*:*:* |
|
| CVSS |
v2 : v3 : |
v2 : unknown
v3 : 4.4 |
| First Time |
Dell inspiron 5402
Dell g7 7700 Firmware Dell inspiron 5409 Firmware Dell vostro 5502 Firmware Dell inspiron 5502 Firmware Dell inspiron 24 5420 All-in-one Firmware Dell inspiron 16 7640 2-in-1 Firmware Dell g7 7500 Firmware Dell inspiron 5409 Dell inspiron 27 7720 All-in-one Dell inspiron 16 Plus 7640 Dell inspiron 14 Plus 7440 Firmware Dell vostro 5402 Dell vostro 5402 Firmware Dell g7 7700 Dell inspiron 5502 Dell inspiron 16 Plus 7640 Firmware Dell vostro 5502 Dell inspiron 16 7640 2-in-1 Dell inspiron 5509 Dell inspiron 5509 Firmware Dell precision 3660 Dell inspiron 27 7720 All-in-one Firmware Dell inspiron 24 5420 All-in-one Dell inspiron 14 Plus 7440 Dell Dell precision 3660 Firmware Dell inspiron 5402 Firmware Dell g7 7500 |
13 Jun 2024, 18:36
| Type | Values Removed | Values Added |
|---|---|---|
| Summary |
|
12 Jun 2024, 07:15
| Type | Values Removed | Values Added |
|---|---|---|
| New CVE |
Information
Published : 2024-06-12 07:15
Updated : 2024-11-21 09:07
NVD link : CVE-2024-28970
Mitre link : CVE-2024-28970
CVE.ORG link : CVE-2024-28970
JSON object : View
Products Affected
dell
- vostro_5402_firmware
- vostro_5502
- g7_7500
- inspiron_27_7720_all-in-one
- inspiron_5502_firmware
- inspiron_27_7720_all-in-one_firmware
- inspiron_5409_firmware
- inspiron_5509_firmware
- inspiron_14_plus_7440
- inspiron_5509
- vostro_5502_firmware
- inspiron_5402_firmware
- inspiron_5409
- g7_7500_firmware
- precision_3660
- g7_7700
- inspiron_14_plus_7440_firmware
- inspiron_5502
- inspiron_16_7640_2-in-1
- vostro_5402
- inspiron_16_plus_7640
- inspiron_24_5420_all-in-one
- inspiron_24_5420_all-in-one_firmware
- inspiron_5402
- inspiron_16_7640_2-in-1_firmware
- precision_3660_firmware
- inspiron_16_plus_7640_firmware
- g7_7700_firmware
CWE
CWE-787
Out-of-bounds Write