← Back

CVE-2024-28970

nvd nist
Published: Jun 12, 2024Modified: Nov 21, 2024

JSON object

Loading...
4.4
Vector
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
Exploitability: 0.8 / Impact: 3.6
Source: NVD

Description

Dell Client BIOS contains an Out-of-bounds Write vulnerability. A local authenticated malicious user with admin privileges could potentially exploit this vulnerability, leading to platform denial of service.

Affected (14)

Dell
14 products
Vostro 5502 Firmware
Vostro 5402 Firmware
Precision 3660 Firmware
Inspiron 5509 Firmware
Inspiron 5502 Firmware
Inspiron 5409 Firmware
Inspiron 5402 Firmware
Inspiron 27 7720 All In One Firmware
Inspiron 24 5420 All In One Firmware
Inspiron 16 Plus 7640 Firmware
Inspiron 16 7640 2 In 1 Firmware
Inspiron 14 Plus 7440 Firmware
G7 7700 Firmware
G7 7500 Firmware
Configuration A
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Vostro 5502 Firmware
Before 1.30.0
Running on/withPlatform Versions
Dell
Vostro 5502
All versions
Configuration B
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Vostro 5402 Firmware
Before 1.30.0
Running on/withPlatform Versions
Dell
Vostro 5402
All versions
Configuration C
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Precision 3660 Firmware
Before 2.14.0
Running on/withPlatform Versions
Dell
Precision 3660
All versions
Configuration D
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Inspiron 5509 Firmware
Before 1.30.0
Running on/withPlatform Versions
Dell
Inspiron 5509
All versions
Configuration E
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Inspiron 5502 Firmware
Before 1.30.0
Running on/withPlatform Versions
Dell
Inspiron 5502
All versions
Configuration F
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Inspiron 5409 Firmware
Before 1.30.0
Running on/withPlatform Versions
Dell
Inspiron 5409
All versions
Configuration G
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Inspiron 5402 Firmware
Before 1.30.0
Running on/withPlatform Versions
Dell
Inspiron 5402
All versions
Configuration H
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Inspiron 27 7720 All In One Firmware
Before 1.11.0
Running on/withPlatform Versions
Dell
Inspiron 27 7720 All In One
All versions
Configuration I
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Inspiron 24 5420 All In One Firmware
Before 1.11.0
Running on/withPlatform Versions
Dell
Inspiron 24 5420 All In One
All versions
Configuration J
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Inspiron 16 Plus 7640 Firmware
Before 1.6.0
Running on/withPlatform Versions
Dell
Inspiron 16 Plus 7640
All versions
Configuration K
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Inspiron 16 7640 2 In 1 Firmware
Before 1.4.0
Running on/withPlatform Versions
Dell
Inspiron 16 7640 2 In 1
All versions
Configuration L
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Inspiron 14 Plus 7440 Firmware
Before 1.6.0
Running on/withPlatform Versions
Dell
Inspiron 14 Plus 7440
All versions
Configuration M
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
G7 7700 Firmware
Before 1.32.0
Running on/withPlatform Versions
Dell
G7 7700
All versions
Configuration N
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
G7 7500 Firmware
Before 1.32.0
Running on/withPlatform Versions
Dell
G7 7500
All versions

Related CWEs

CWE-787
Out-of-bounds Write
The product writes data past the end, or before the beginning, of the intended buffer.

References (2)

Source: security_alert@emc.com
Vendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory

Timeline

No history available yet.