CVE-2024-32856

Dell Client Platform BIOS contains an Improper Input Validation vulnerability in an externally developed component. A high privileged attacker with local access could potentially exploit this vulnerability, leading to Information disclosure.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
5.1 MEDIUM
LOCAL
LOW
HIGH
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:L
dellCNA
5.1 MEDIUM
LOCAL
LOW
HIGH
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:L
CISA-ADPADP
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 8%
VendorProductVersion
dellxps_8960_firmware
𝑥
< 2.6.0
dellxps_8950_firmware
𝑥
< 1.19.0
dellinspiron_3502_firmware
𝑥
< 1.16.0
dellinspiron_15_3521_firmware
𝑥
< 1.14.0
dellinspiron_15_3510_firmware
𝑥
< 1.19.0
dellaurora_r16_firmware
𝑥
< 2.7.0
dellalienware_x17_r2_firmware
𝑥
< 1.20.0
dellalienware_x17_r1_firmware
𝑥
< 1.22.0
dellalienware_x15_r2_firmware
𝑥
< 1.20.0
dellalienware_x15_r1_firmware
𝑥
< 1.22.0
dellalienware_x14_firmware
𝑥
< 1.18.0
dellalienware_m17_r4_firmware
𝑥
< 1.21.0
dellalienware_m17_r3_firmware
𝑥
< 1.27.0
dellalienware_m15_r4_firmware
𝑥
< 1.21.0
dellalienware_m15_r3_firmware
𝑥
< 1.27.0
dellalienware_aurora_ryzen_edition_r14_firmware
𝑥
< 2.18.0
dellalienware_aurora_r15_amd_firmware
𝑥
< 1.13.0
dellalienware_aurora_r15_firmware
𝑥
< 1.12.0
dellalienware_aurora_r13_firmware
𝑥
< 1.19.0
dellalienware_aurora_r12_firmware
𝑥
< 1.1.25
dellalienware_aurora_r11_firmware
𝑥
< 1.0.24
dellalienware_aurora_r10_firmware
𝑥
< 2.8.0
dellalienware_area_51m_r2_firmware
𝑥
< 1.26.0
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
https://www.dell.com/support/kbdoc/en-us/000221745/dsa-2024-067
https://www.dell.com/support/kbdoc/en-us/000221745/dsa-2024-067