TROYANOSYVIRUS
Back to CVEs

CVE-2024-38483

MEDIUM
5.8

Description

Dell BIOS contains an Improper Input Validation vulnerability in an externally developed component. A high privileged attacker with local access could potentially exploit this vulnerability, leading to Code execution.

CVE Details

CVSS v3.1 Score5.8
SeverityMEDIUM
CVSS VectorCVSS:3.1/AV:L/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:L
Attack VectorLOCAL
ComplexityHIGH
Privileges RequiredHIGH
User InteractionREQUIRED
Published8/14/2024
Last Modified9/18/2024
Sourcenvd
Honeypot Sightings0

Affected Products

dell:embedded_box_pc_5000dell:embedded_box_pc_5000_firmwaredell:latitude_12_rugged_extreme_7214dell:latitude_12_rugged_extreme_7214_firmwaredell:latitude_13_3380dell:latitude_13_3380_firmwaredell:latitude_3300dell:latitude_3300_firmwaredell:latitude_3390_2-in-1dell:latitude_3390_2-in-1_firmwaredell:latitude_5280dell:latitude_5280_firmwaredell:latitude_5288dell:latitude_5288_firmwaredell:latitude_5290dell:latitude_5290_2-in-1dell:latitude_5290_2-in-1_firmwaredell:latitude_5290_firmwaredell:latitude_5400dell:latitude_5400_firmwaredell:latitude_5414_ruggeddell:latitude_5414_rugged_firmwaredell:latitude_5420_ruggeddell:latitude_5420_rugged_firmwaredell:latitude_5424_ruggeddell:latitude_5424_rugged_firmwaredell:latitude_5480dell:latitude_5480_firmwaredell:latitude_5488dell:latitude_5488_firmwaredell:latitude_5490dell:latitude_5490_firmwaredell:latitude_5580dell:latitude_5580_firmwaredell:latitude_5590dell:latitude_5590_firmwaredell:latitude_7212_rugged_extreme_tabletdell:latitude_7212_rugged_extreme_tablet_firmwaredell:latitude_7280dell:latitude_7280_firmwaredell:latitude_7285_2-in-1dell:latitude_7285_2-in-1_firmwaredell:latitude_7290dell:latitude_7290_firmwaredell:latitude_7380dell:latitude_7380_firmwaredell:latitude_7390dell:latitude_7390_2-in-1dell:latitude_7390_2-in-1_firmwaredell:latitude_7390_firmwaredell:latitude_7414_ruggeddell:latitude_7414_rugged_firmwaredell:latitude_7424_rugged_extremedell:latitude_7424_rugged_extreme_firmwaredell:latitude_7480dell:latitude_7480_firmwaredell:latitude_7490dell:latitude_7490_firmwaredell:optiplex_3050dell:optiplex_3050_all-in-onedell:optiplex_3050_all-in-one_firmwaredell:optiplex_3050_firmwaredell:optiplex_5050dell:optiplex_5050_firmwaredell:optiplex_7450_all-in-onedell:optiplex_7450_all-in-one_firmwaredell:precision_3420dell:precision_3420_tower_firmwaredell:precision_3520dell:precision_3520_firmwaredell:precision_3620_firmwaredell:precision_3620_towerdell:precision_5520dell:precision_5520_firmwaredell:precision_5530_2-in-1dell:precision_5530_2-in-1_firmwaredell:precision_7520dell:precision_7520_firmwaredell:precision_7720dell:precision_7720_firmwaredell:wyse_7040_thin_clientdell:wyse_7040_thin_client_firmware

Weaknesses (CWE)

CWE-20

References

https://www.dell.com/support/kbdoc/en-us/000225776/dsa-2024-260(security_alert@emc.com)

IOC Correlations

No correlations recorded

This product uses data from the NVD API but is not endorsed or certified by the NVD.