Skip to main content

Severity by source

NVD PRIMARY
4.4 MEDIUM
AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H

Primary rating from NVD · only source for this CVE.

CVSS VectorNVD

CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
Attack Vector
Local
Attack Complexity
Low
Privileges Required
High
User Interaction
None
Scope
Unchanged
Confidentiality
None
Integrity
None
Availability
High

Lifecycle Timeline

1
CVE Published
Jun 12, 2024 - 07:15 nvd
MEDIUM 4.4

DescriptionNVD

Dell Client BIOS contains an Out-of-bounds Write vulnerability. A local authenticated malicious user with admin privileges could potentially exploit this vulnerability, leading to platform denial of service.

AnalysisAI

Dell Client BIOS contains an Out-of-bounds Write vulnerability. Rated medium severity (CVSS 4.4), this vulnerability is low attack complexity. No vendor patch available.

Technical ContextAI

This vulnerability is classified as Out-of-bounds Write (CWE-787), which allows attackers to write data beyond allocated buffer boundaries leading to code execution or crashes. Dell Client BIOS contains an Out-of-bounds Write vulnerability. A local authenticated malicious user with admin privileges could potentially exploit this vulnerability, leading to platform denial of service. Affected products include: Dell Vostro 5502 Firmware, Dell Vostro 5402 Firmware, Dell Precision 3660 Firmware, Dell Inspiron 5509 Firmware, Dell Inspiron 5502 Firmware.

RemediationAI

No vendor patch is available at time of analysis. Monitor vendor advisories for updates. Validate write boundaries, use memory-safe languages, enable compiler protections (ASLR, stack canaries).

CVE-2024-52541 HIGH
8.2 Feb 19

Dell Client Platform BIOS contains a Weak Authentication vulnerability. Rated high severity (CVSS 8.2), this vulnerabili

CVE-2022-26861 HIGH
7.8 Sep 06

Dell BIOS versions contain an Insecure Automated Optimization vulnerability. Rated high severity (CVSS 7.8), this vulner

CVE-2022-26860 HIGH
7.8 Sep 06

Dell BIOS versions contain a stack-based buffer overflow vulnerability. Rated high severity (CVSS 7.8), this vulnerabili

CVE-2022-26858 HIGH
7.8 Sep 06

Dell BIOS versions contain an Improper Authentication vulnerability. Rated high severity (CVSS 7.8), this vulnerability

CVE-2021-21574 HIGH
7.5 Jun 24

Dell BIOSConnect feature contains a buffer overflow vulnerability. Rated high severity (CVSS 7.5). No vendor patch avail

CVE-2021-21573 HIGH
7.5 Jun 24

Dell BIOSConnect feature contains a buffer overflow vulnerability. Rated high severity (CVSS 7.5). No vendor patch avail

CVE-2021-21572 HIGH
7.5 Jun 24

Dell BIOSConnect feature contains a buffer overflow vulnerability. Rated high severity (CVSS 7.5). No vendor patch avail

CVE-2022-26859 HIGH
7.0 Sep 06

Dell BIOS contains a race condition vulnerability. Rated high severity (CVSS 7.0). No vendor patch available.

CVE-2024-0158 MEDIUM
6.7 Jul 02

Dell BIOS contains an improper input validation vulnerability. Rated medium severity (CVSS 6.7), this vulnerability is l

CVE-2023-28060 MEDIUM
6.7 Jun 23

Dell BIOS contains an improper input validation vulnerability. Rated medium severity (CVSS 6.7), this vulnerability is l

CVE-2023-28058 MEDIUM
6.7 Jun 23

Dell BIOS contains an improper input validation vulnerability. Rated medium severity (CVSS 6.7), this vulnerability is l

CVE-2023-28050 MEDIUM
6.7 Jun 23

Dell BIOS contains an improper input validation vulnerability. Rated medium severity (CVSS 6.7), this vulnerability is l

Share

CVE-2024-28970 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy