Severity by source
AV:P/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N
Primary rating from NVD · only source for this CVE.
CVSS VectorNVD
CVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N
Lifecycle Timeline
3DescriptionCVE.org
Dell Client Platform BIOS contains a Weak Encoding for Password vulnerability. An unauthenticated attacker with physical access could potentially exploit this vulnerability, leading to Elevation of Privileges.
AnalysisAI
Weak password encoding in Dell Client Platform BIOS (CWE-261) exposes BIOS credentials to recovery by a physically present unauthenticated attacker, enabling privilege escalation through unauthorized BIOS access. Affected hardware spans ruggedized Latitude field devices, Precision workstation towers and racks, and Edge/Embedded Gateway platforms - product categories frequently deployed in physically accessible or unattended environments. No public exploit code exists and no active exploitation has been identified at time of analysis, but the combination of credential recoverability and high-confidentiality/high-integrity CVSS impact makes patching a priority for organizations managing assets in low-physical-security locations.
Technical ContextAI
CWE-261 (Weak Encoding for Password) describes a class of defects where passwords are protected with a reversible or cryptographically weak scheme - such as XOR masking, Base64, ROT-style ciphers, or proprietary BIOS vendor encodings - rather than a one-way salted cryptographic hash. In UEFI/BIOS firmware, passwords (supervisor, user, hard-drive unlock) are typically persisted in SPI flash or CMOS NVRAM. If the encoding is weak, an attacker with physical access can use hardware techniques such as SPI flash read-back via a clip programmer, JTAG/debug interface access, or chip-off extraction to retrieve the raw stored value and decode it offline without brute-force. Affected CPEs confirm the vulnerability spans Dell Edge Gateway 3000 and 5000 series, Dell Embedded PC 3000 and 5000, Dell Precision 3630 Tower and 3930 Rack, and Latitude Rugged 5420, 5424, 7220 Rugged Extreme, and 7220EX - all running BIOS firmware versions below their respective fixed thresholds.
RemediationAI
The primary remediation is to apply the vendor-released BIOS updates published in Dell Security Advisory DSA-2026-197 (https://www.dell.com/support/kbdoc/en-us/000453482/dsa-2026-197). Fixed versions per platform are: Edge Gateway 3000 → 1.26.0, Edge Gateway 5000 → 1.36.0, Embedded PC 3000 → 1.32.0, Embedded PC 5000 → 1.33.0, Precision 3630 Tower → 2.40.0, Precision 3930 Rack → 2.43.0, Latitude 7220 Rugged Extreme and 7220EX → 1.51.0, and Latitude Rugged 5420 and 5424 → 1.42.0. BIOS updates can be deployed via Dell Command Update, Dell Update Packages, or via SCCM/Intune for enterprise environments; note that BIOS flashing typically requires a reboot and may briefly interrupt operations. Where immediate patching is not feasible, enforce physical security controls: restrict physical access to affected hardware using asset tracking, secure enclosures, or chassis intrusion detection. Additionally, consider enabling Dell's chassis intrusion alert feature if available on the platform and ensure BIOS setup passwords are changed post-patch since existing passwords may have been encoded under the weak scheme. Avoid relying on BIOS password protection as the sole access control on unpatched systems in exposed environments.
Same weakness CWE-261 – Weak Encoding for Password
View allSame technique Information Disclosure
View allShare
External POC / Exploit Code
Leaving vuln.today
EUVD-2026-35789
GHSA-wgcp-rfq6-33jh