← Back to CVEs
CVE-2024-25942
MEDIUM4.4
Description
Dell PowerEdge Server BIOS contains an Improper SMM communication buffer verification vulnerability. A physical high privileged attacker could potentially exploit this vulnerability leading to arbitrary writes to SMRAM.
CVE Details
CVSS v3.1 Score4.4
SeverityMEDIUM
CVSS VectorCVSS:3.1/AV:P/AC:H/PR:H/UI:N/S:C/C:L/I:L/A:L
Attack VectorPHYSICAL
ComplexityHIGH
Privileges RequiredHIGH
User InteractionNONE
Published3/19/2024
Last Modified2/4/2025
Sourcenvd
Honeypot Sightings0
Affected Products
dell:nx3230dell:nx3230_firmwaredell:nx3330dell:nx3330_firmwaredell:poweredge_c4130dell:poweredge_c4130_firmwaredell:poweredge_c6320dell:poweredge_c6320_firmwaredell:poweredge_fc430dell:poweredge_fc430_firmwaredell:poweredge_fc630dell:poweredge_fc630_firmwaredell:poweredge_fc830dell:poweredge_fc830_firmwaredell:poweredge_m630dell:poweredge_m630_\(pe_vrtx\)dell:poweredge_m630_\(pe_vrtx\)_firmwaredell:poweredge_m630_firmwaredell:poweredge_m830dell:poweredge_m830_\(pe_vrtx\)dell:poweredge_m830_\(pe_vrtx\)_firmwaredell:poweredge_m830_firmwaredell:poweredge_r430dell:poweredge_r430_firmwaredell:poweredge_r530dell:poweredge_r530_firmwaredell:poweredge_r630dell:poweredge_r630_firmwaredell:poweredge_r730dell:poweredge_r730_firmwaredell:poweredge_r730xddell:poweredge_r730xd_firmwaredell:poweredge_r830dell:poweredge_r830_firmwaredell:poweredge_r930dell:poweredge_r930_firmwaredell:poweredge_t430dell:poweredge_t430_firmwaredell:poweredge_t630dell:poweredge_t630_firmwaredell:xc430dell:xc430_firmwaredell:xc630dell:xc630_firmwaredell:xc6320dell:xc6320_firmwaredell:xc730dell:xc730_firmwaredell:xc730xddell:xc730xd_firmware
Weaknesses (CWE)
CWE-20CWE-787
References
IOC Correlations
No correlations recorded
This product uses data from the NVD API but is not endorsed or certified by the NVD.