CVE-2024-42425
10.09.2024, 09:15
Dell Precision Rack, 14G Intel BIOS versions prior to 2.22.2, contains an Access of Memory Location After End of Buffer vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Information disclosure.Enginsight
| Vendor | Product | Version |
|---|---|---|
| dell | precision_7920_firmware | 𝑥 < 2.22.1 |
| dell | 7920_xl_firmware | 𝑥 < 2.22.1 |
𝑥
= Vulnerable software versions
Common Weakness Enumeration
- CWE-788 - Access of Memory Location After End of BufferThe software reads or writes to a buffer using an index or pointer that references a memory location after the end of the buffer.
- CWE-119 - Improper Restriction of Operations within the Bounds of a Memory BufferThe software performs operations on a memory buffer, but it can read from or write to a memory location that is outside of the intended boundary of the buffer.