CVE-2024-39584
EUVD-2024-3810628.08.2024, 06:15
Dell Client Platform BIOS contains a Use of Default Cryptographic Key Vulnerability. A high privileged attacker with local access could potentially exploit this vulnerability, leading to Secure Boot bypass and arbitrary code execution.Enginsight
Affected Products (NVD)
| Vendor | Product | Version |
|---|---|---|
| dell | xps_8960_firmware | 𝑥 < 2.12.0 |
| dell | xps_8950_firmware | 𝑥 < 1.21.0 |
| dell | inspiron_3502_firmware | 𝑥 < 1.18.0 |
| dell | inspiron_15_3521_firmware | 𝑥 < 1.16.0 |
| dell | inspiron_15_3510_firmware | 𝑥 < 1.21.0 |
| dell | aurora_r16_firmware | 𝑥 < 2.13.0 |
| dell | alienware_x17_r2_firmware | 𝑥 < 1.22.0 |
| dell | alienware_x17_r1_firmware | 𝑥 < 1.24.0 |
| dell | alienware_x15_r2_firmware | 𝑥 < 1.22.0 |
| dell | alienware_x15_r1_firmware | 𝑥 < 1.24.0 |
| dell | alienware_x14_firmware | 𝑥 < 1.21.0 |
| dell | alienware_m17_r4_firmware | 𝑥 < 1.24.0 |
| dell | alienware_m17_r3_firmware | 𝑥 < 1.29.0 |
| dell | alienware_m15_r4_firmware | 𝑥 < 1.24.0 |
| dell | alienware_m15_r3_firmware | 𝑥 < 1.29.0 |
| dell | alienware_aurora_ryzen_edition_r14_firmware | 𝑥 < 2.19.1 |
| dell | alienware_aurora_r15_amd_firmware | 𝑥 < 1.15.0 |
| dell | alienware_aurora_r15_firmware | 𝑥 < 1.17.0 |
| dell | alienware_aurora_r13_firmware | 𝑥 < 1.21.0 |
| dell | alienware_area_51m_r2_firmware | 𝑥 < 1.29.0 |
𝑥
= Vulnerable software versions
Early Detection
Affected products identified ahead of NVD analysis through intelligence sources.
| Vendor | Product | Version | Source |
|---|---|---|---|
| dell | alienware_m17_r3_firmware | 𝑥 < 1.29.0 | ADP |
| dell | alienware_aurora_r15_amd_firmware | 𝑥 < 1.15.0 | ADP |
| dell | alienware_x14_firmware | 𝑥 < 1.21.0 | ADP |
| dell | alienware_x15_r1_firmware | 𝑥 < 1.24.0 | ADP |
Common Weakness Enumeration