Skip to main content

Inspiron 3480 Firmware CVE-2024-32855

MEDIUM
Out-of-bounds Write (CWE-787)
2024-06-25 security_alert@emc.com
Buffer Overflow Dell Memory Corruption Inspiron 3480 Firmware Inspiron 3580 Firmware Latitude 3120 Firmware Latitude 3190 Firmware Latitude 3190 2 In 1 Firmware Latitude 3300 Firmware Latitude 3310 Firmware Latitude 3310 2 In 1 Firmware Latitude 3390 2 In 1 Firmware Latitude 5288 Firmware Latitude 5290 Firmware Latitude 5290 2 In 1 Firmware Latitude 5300 Firmware Latitude 5300 2 In 1 Firmware Latitude 5310 Firmware Latitude 5310 2 In 1 Firmware Latitude 5400 Firmware Latitude 5401 Firmware Latitude 5410 Firmware Latitude 5411 Firmware Latitude 5420 Rugged Firmware Latitude 5424 Rugged Firmware Latitude 5480 Firmware Latitude 5488 Firmware Latitude 5490 Firmware Latitude 5491 Firmware Latitude 5500 Firmware Latitude 5501 Firmware Latitude 5510 Firmware Latitude 5511 Firmware Latitude 5580 Firmware Latitude 5590 Firmware Latitude 5591 Firmware Latitude 7200 2 In 1 Firmware Latitude 7210 2 In 1 Firmware Latitude 7212 Rugged Extreme Tablet Firmware Latitude 7220 Rugged Extreme Firmware Latitude 7280 Firmware Latitude 7290 Firmware Latitude 7300 Firmware Latitude 7310 Firmware Latitude 7380 Firmware Latitude 7390 Firmware Latitude 7390 2 In 1 Firmware Latitude 7400 Firmware Latitude 7400 2 In 1 Firmware Latitude 7410 Firmware Latitude 7424 Rugged Extreme Firmware Latitude 7480 Firmware Latitude 7490 Firmware Latitude 9410 Firmware Latitude 9510 2In1 Firmware Latitude Rugged 7220Ex Firmware Precision 3520 Firmware Precision 3530 Firmware Precision 3540 Firmware Precision 3541 Firmware Precision 3550 Firmware Precision 3551 Firmware Precision 5530 Firmware Precision 5530 2 In 1 Firmware Precision 5540 Firmware Precision 7530 Firmware Precision 7540 Firmware Precision 7550 Firmware Precision 7730 Firmware Precision 7740 Firmware Precision 7750 Firmware Vostro 3480 Firmware Vostro 3580 Firmware Vostro 3583 Firmware Wyse 5470 Firmware Wyse 5470 All In One Firmware Xps 15 7590 Firmware
4.4
CVSS 3.1 · NVD
Share

Severity by source

NVD PRIMARY
4.4 MEDIUM
AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N

Primary rating from NVD · only source for this CVE.

CVSS VectorNVD

CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N
Attack Vector
Local
Attack Complexity
Low
Privileges Required
High
User Interaction
None
Scope
Unchanged
Confidentiality
None
Integrity
High
Availability
None

Lifecycle Timeline

1
CVE Published
Jun 25, 2024 - 04:15 nvd
MEDIUM 4.4

DescriptionNVD

Dell Client Platform BIOS contains an Out-of-bounds Write vulnerability in an externally developed component. A high privileged attacker with local access could potentially exploit this vulnerability, leading to Information tampering.

AnalysisAI

Dell Client Platform BIOS contains an Out-of-bounds Write vulnerability in an externally developed component. Rated medium severity (CVSS 4.4), this vulnerability is low attack complexity. No vendor patch available.

Technical ContextAI

This vulnerability is classified as Out-of-bounds Write (CWE-787), which allows attackers to write data beyond allocated buffer boundaries leading to code execution or crashes. Dell Client Platform BIOS contains an Out-of-bounds Write vulnerability in an externally developed component. A high privileged attacker with local access could potentially exploit this vulnerability, leading to Information tampering. Affected products include: Dell Inspiron 3480 Firmware, Dell Inspiron 3580 Firmware, Dell Latitude 3120 Firmware, Dell Latitude 3190 Firmware, Dell Latitude 3190 2-In-1 Firmware.

RemediationAI

No vendor patch is available at time of analysis. Monitor vendor advisories for updates. Validate write boundaries, use memory-safe languages, enable compiler protections (ASLR, stack canaries).

CVE-2022-32493 HIGH
7.8 Oct 12

Dell BIOS contains an Stack-Based Buffer Overflow vulnerability. Rated high severity (CVSS 7.8), this vulnerability is l

CVE-2022-32491 HIGH
7.8 Oct 12

Dell Client BIOS contains a Buffer Overflow vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low att

CVE-2022-32489 HIGH
7.8 Oct 12

Dell BIOS contains an improper input validation vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low

CVE-2022-32488 HIGH
7.8 Oct 12

Dell BIOS contains an improper input validation vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low

CVE-2022-32487 HIGH
7.8 Oct 12

Dell BIOS contains an improper input validation vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low

CVE-2022-32485 HIGH
7.8 Oct 12

Dell BIOS contains an improper input validation vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low

CVE-2022-26861 HIGH
7.8 Sep 06

Dell BIOS versions contain an Insecure Automated Optimization vulnerability. Rated high severity (CVSS 7.8), this vulner

CVE-2022-26860 HIGH
7.8 Sep 06

Dell BIOS versions contain a stack-based buffer overflow vulnerability. Rated high severity (CVSS 7.8), this vulnerabili

CVE-2022-26858 HIGH
7.8 Sep 06

Dell BIOS versions contain an Improper Authentication vulnerability. Rated high severity (CVSS 7.8), this vulnerability

CVE-2022-26859 HIGH
7.0 Sep 06

Dell BIOS contains a race condition vulnerability. Rated high severity (CVSS 7.0). No vendor patch available.

CVE-2022-29083 MEDIUM
6.8 Aug 09

Prior Dell BIOS versions contain an Improper Authentication vulnerability. Rated medium severity (CVSS 6.8), this vulner

CVE-2019-3717 MEDIUM
6.8 Aug 05

Select Dell Client Commercial and Consumer platforms contain an Improper Access Vulnerability. Rated medium severity (CV

Share

CVE-2024-32855 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy