Xps 8960 Firmware
CVE-2024-39584
HIGH
Severity by source
AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
Primary rating from NVD · only source for this CVE.
CVSS VectorNVD
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
Lifecycle Timeline
1DescriptionNVD
Dell Client Platform BIOS contains a Use of Default Cryptographic Key Vulnerability. A high privileged attacker with local access could potentially exploit this vulnerability, leading to Secure Boot bypass and arbitrary code execution.
AnalysisAI
Dell Client Platform BIOS contains a Use of Default Cryptographic Key Vulnerability. Rated high severity (CVSS 8.2), this vulnerability is low attack complexity. No vendor patch available.
Technical ContextAI
This vulnerability is classified as Use of Default Credentials (CWE-1392), which allows attackers to gain access using factory-default usernames and passwords. Dell Client Platform BIOS contains a Use of Default Cryptographic Key Vulnerability. A high privileged attacker with local access could potentially exploit this vulnerability, leading to Secure Boot bypass and arbitrary code execution. Affected products include: Dell Xps 8960 Firmware, Dell Xps 8950 Firmware, Dell Inspiron 3502 Firmware, Dell Inspiron 15 3521 Firmware, Dell Inspiron 15 3510 Firmware.
RemediationAI
No vendor patch is available at time of analysis. Monitor vendor advisories for updates. Force credential change on first use, remove default accounts, document required credential changes.
More in Xps 8960 Firmware
View allDell Client Platform BIOS contains an Improper Input Validation vulnerability in an externally developed component. Rate
Dell Client Platform BIOS contains an Improper Input Validation vulnerability in an externally developed component. Rate
Dell Client Platform BIOS contains an Improper Input Validation vulnerability in an externally developed component. Rate
Dell BIOS contains an improper input validation vulnerability. Rated medium severity (CVSS 6.7), this vulnerability is l
Dell BIOS contains an improper input validation vulnerability. Rated medium severity (CVSS 6.7), this vulnerability is l
Dell BIOS contains an improper input validation vulnerability. Rated medium severity (CVSS 6.7), this vulnerability is l
Dell BIOS contains an improper input validation vulnerability. Rated medium severity (CVSS 6.7), this vulnerability is l
Dell BIOS contains an improper input validation vulnerability. Rated medium severity (CVSS 6.7), this vulnerability is l
Dell BIOS contains an improper input validation vulnerability. Rated medium severity (CVSS 6.7), this vulnerability is l
Dell BIOS contains an improper input validation vulnerability. Rated medium severity (CVSS 6.7), this vulnerability is l
Dell BIOS contains an improper input validation vulnerability. Rated medium severity (CVSS 6.7), this vulnerability is l
Dell BIOS contains an improper input validation vulnerability. Rated medium severity (CVSS 6.7), this vulnerability is l
Same weakness CWE-1392 – Use of Default Credentials
View allShare
External POC / Exploit Code
Leaving vuln.today