Precision 7920 Firmware
CVE-2024-42425
MEDIUM
Severity by source
AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
Primary rating from NVD · only source for this CVE.
CVSS VectorNVD
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
Lifecycle Timeline
1DescriptionNVD
Dell Precision Rack, 14G Intel BIOS versions prior to 2.22.2, contains an Access of Memory Location After End of Buffer vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Information disclosure.
AnalysisAI
Dell Precision Rack, 14G Intel BIOS versions prior to 2.22.2, contains an Access of Memory Location After End of Buffer vulnerability. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.
Technical ContextAI
This vulnerability is classified under CWE-788. Dell Precision Rack, 14G Intel BIOS versions prior to 2.22.2, contains an Access of Memory Location After End of Buffer vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Information disclosure. Affected products include: Dell Precision 7920 Firmware, Dell 7920 Xl Firmware. Version information: prior to 2.22.2.
RemediationAI
No vendor patch is available at time of analysis. Monitor vendor advisories for updates. Apply vendor patches when available. Implement network segmentation and monitoring as interim mitigations.
More in Precision 7920 Firmware
View allSelect Dell Client Commercial and Consumer platforms contain an Improper Access Vulnerability. Rated medium severity (CV
Dell Precision Tower BIOS contains an Improper Input Validation vulnerability. Rated medium severity (CVSS 6.7), this vu
Dell BIOS contains an improper input validation vulnerability. Rated medium severity (CVSS 6.7), this vulnerability is l
Dell BIOS contains an improper input validation vulnerability. Rated medium severity (CVSS 6.7), this vulnerability is l
Dell BIOS contains an improper input validation vulnerability. Rated medium severity (CVSS 6.7), this vulnerability is l
Dell PowerEdge R640, R740, R740XD, R840, R940, R940xa, MX740c, MX840c, and, Dell Precision 7920 Rack Workstation BIOS co
Affected Dell Client platforms contain a BIOS Setup configuration authentication bypass vulnerability in the pre-boot In
Dell Client Consumer and Commercial platforms include an improper authorization vulnerability in the Dell Manageability
Same technique Information Disclosure
View allShare
External POC / Exploit Code
Leaving vuln.today