Dell Client BIOS contains an Out-of-bounds Write vulnerability. A local authenticated malicious user with admin privileges could potentially exploit this vulnerability, leading to platform denial of service.
References
| Link | Resource |
|---|---|
| https://www.dell.com/support/kbdoc/en-us/000225476/dsa-2024-168 | Vendor Advisory |
| https://www.dell.com/support/kbdoc/en-us/000225476/dsa-2024-168 | Vendor Advisory |
Configurations
Configuration 1 (hide)
| AND |
|
Configuration 2 (hide)
| AND |
|
Configuration 3 (hide)
| AND |
|
Configuration 4 (hide)
| AND |
|
Configuration 5 (hide)
| AND |
|
Configuration 6 (hide)
| AND |
|
Configuration 7 (hide)
| AND |
|
Configuration 8 (hide)
| AND |
|
Configuration 9 (hide)
| AND |
|
Configuration 10 (hide)
| AND |
|
Configuration 11 (hide)
| AND |
|
Configuration 12 (hide)
| AND |
|
Configuration 13 (hide)
| AND |
|
Configuration 14 (hide)
| AND |
|
History
21 Nov 2024, 09:07
| Type | Values Removed | Values Added |
|---|---|---|
| CVSS |
v2 : v3 : |
v2 : unknown
v3 : 4.7 |
| References | () https://www.dell.com/support/kbdoc/en-us/000225476/dsa-2024-168 - Vendor Advisory |
18 Sep 2024, 13:04
| Type | Values Removed | Values Added |
|---|---|---|
| CPE | cpe:2.3:o:dell:inspiron_27_7720_all-in-one_firmware:*:*:*:*:*:*:*:* cpe:2.3:h:dell:inspiron_14_plus_7440:-:*:*:*:*:*:*:* cpe:2.3:h:dell:inspiron_24_5420_all-in-one:-:*:*:*:*:*:*:* cpe:2.3:h:dell:g7_7700:-:*:*:*:*:*:*:* cpe:2.3:o:dell:vostro_5402_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:dell:inspiron_24_5420_all-in-one_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:dell:inspiron_5409_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:dell:inspiron_16_7640_2-in-1_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:dell:vostro_5502_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:dell:inspiron_5509_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:dell:g7_7700_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:dell:inspiron_5502_firmware:*:*:*:*:*:*:*:* cpe:2.3:h:dell:inspiron_5502:-:*:*:*:*:*:*:* cpe:2.3:h:dell:inspiron_5409:-:*:*:*:*:*:*:* cpe:2.3:o:dell:precision_3660_firmware:*:*:*:*:*:*:*:* cpe:2.3:h:dell:vostro_5402:-:*:*:*:*:*:*:* cpe:2.3:h:dell:vostro_5502:-:*:*:*:*:*:*:* cpe:2.3:o:dell:inspiron_5402_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:dell:g7_7500_firmware:*:*:*:*:*:*:*:* cpe:2.3:h:dell:inspiron_27_7720_all-in-one:-:*:*:*:*:*:*:* cpe:2.3:h:dell:precision_3660:-:*:*:*:*:*:*:* cpe:2.3:o:dell:inspiron_14_plus_7440_firmware:*:*:*:*:*:*:*:* cpe:2.3:h:dell:inspiron_5402:-:*:*:*:*:*:*:* cpe:2.3:o:dell:inspiron_16_plus_7640_firmware:*:*:*:*:*:*:*:* cpe:2.3:h:dell:g7_7500:-:*:*:*:*:*:*:* cpe:2.3:h:dell:inspiron_16_7640_2-in-1:-:*:*:*:*:*:*:* cpe:2.3:h:dell:inspiron_16_plus_7640:-:*:*:*:*:*:*:* cpe:2.3:h:dell:inspiron_5509:-:*:*:*:*:*:*:* |
|
| First Time |
Dell inspiron 5502
Dell inspiron 5409 Firmware Dell precision 3660 Dell inspiron 14 Plus 7440 Firmware Dell inspiron 27 7720 All-in-one Firmware Dell inspiron 16 Plus 7640 Firmware Dell vostro 5502 Firmware Dell g7 7700 Firmware Dell inspiron 16 7640 2-in-1 Dell inspiron 16 7640 2-in-1 Firmware Dell g7 7500 Dell vostro 5402 Dell precision 3660 Firmware Dell inspiron 24 5420 All-in-one Firmware Dell inspiron 5402 Firmware Dell Dell inspiron 16 Plus 7640 Dell vostro 5502 Dell inspiron 5409 Dell inspiron 5402 Dell inspiron 5502 Firmware Dell inspiron 14 Plus 7440 Dell inspiron 24 5420 All-in-one Dell inspiron 5509 Firmware Dell g7 7700 Dell inspiron 5509 Dell inspiron 27 7720 All-in-one Dell g7 7500 Firmware Dell vostro 5402 Firmware |
|
| CVSS |
v2 : v3 : |
v2 : unknown
v3 : 4.4 |
| References | () https://www.dell.com/support/kbdoc/en-us/000225476/dsa-2024-168 - Vendor Advisory |
13 Jun 2024, 18:36
| Type | Values Removed | Values Added |
|---|---|---|
| Summary |
|
12 Jun 2024, 07:15
| Type | Values Removed | Values Added |
|---|---|---|
| New CVE |
Information
Published : 2024-06-12 07:15
Updated : 2024-11-21 09:07
NVD link : CVE-2024-28970
Mitre link : CVE-2024-28970
CVE.ORG link : CVE-2024-28970
JSON object : View
Products Affected
dell
- inspiron_24_5420_all-in-one_firmware
- inspiron_16_plus_7640
- inspiron_27_7720_all-in-one_firmware
- inspiron_5502_firmware
- g7_7500
- inspiron_14_plus_7440_firmware
- inspiron_5409_firmware
- inspiron_5509_firmware
- inspiron_14_plus_7440
- inspiron_27_7720_all-in-one
- inspiron_24_5420_all-in-one
- vostro_5502_firmware
- vostro_5402_firmware
- vostro_5402
- inspiron_5509
- inspiron_16_plus_7640_firmware
- g7_7700
- g7_7500_firmware
- inspiron_5402
- g7_7700_firmware
- inspiron_16_7640_2-in-1
- inspiron_5409
- precision_3660
- inspiron_16_7640_2-in-1_firmware
- inspiron_5402_firmware
- inspiron_5502
- vostro_5502
- precision_3660_firmware
CWE
CWE-787
Out-of-bounds Write