Skip to main content

Severity by source

NVD PRIMARY
5.7 MEDIUM
AV:P/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N

Primary rating from NVD · only source for this CVE.

CVSS VectorNVD

CVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N
Attack Vector
Physical
Attack Complexity
High
Privileges Required
None
User Interaction
None
Scope
Unchanged
Confidentiality
High
Integrity
High
Availability
None

Lifecycle Timeline

3
Analysis Generated
Jun 09, 2026 - 20:17 vuln.today
Patch available
Jun 09, 2026 - 20:03 EUVD
CVE Published
Jun 09, 2026 - 18:04 nvd
MEDIUM 5.7

DescriptionCVE.org

Dell Client Platform BIOS contains a Weak Encoding for Password vulnerability. An unauthenticated attacker with physical access could potentially exploit this vulnerability, leading to Elevation of Privileges.

AnalysisAI

Weak password encoding in Dell Client Platform BIOS (CWE-261) exposes BIOS credentials to recovery by a physically present unauthenticated attacker, enabling privilege escalation through unauthorized BIOS access. Affected hardware spans ruggedized Latitude field devices, Precision workstation towers and racks, and Edge/Embedded Gateway platforms - product categories frequently deployed in physically accessible or unattended environments. No public exploit code exists and no active exploitation has been identified at time of analysis, but the combination of credential recoverability and high-confidentiality/high-integrity CVSS impact makes patching a priority for organizations managing assets in low-physical-security locations.

Technical ContextAI

CWE-261 (Weak Encoding for Password) describes a class of defects where passwords are protected with a reversible or cryptographically weak scheme - such as XOR masking, Base64, ROT-style ciphers, or proprietary BIOS vendor encodings - rather than a one-way salted cryptographic hash. In UEFI/BIOS firmware, passwords (supervisor, user, hard-drive unlock) are typically persisted in SPI flash or CMOS NVRAM. If the encoding is weak, an attacker with physical access can use hardware techniques such as SPI flash read-back via a clip programmer, JTAG/debug interface access, or chip-off extraction to retrieve the raw stored value and decode it offline without brute-force. Affected CPEs confirm the vulnerability spans Dell Edge Gateway 3000 and 5000 series, Dell Embedded PC 3000 and 5000, Dell Precision 3630 Tower and 3930 Rack, and Latitude Rugged 5420, 5424, 7220 Rugged Extreme, and 7220EX - all running BIOS firmware versions below their respective fixed thresholds.

RemediationAI

The primary remediation is to apply the vendor-released BIOS updates published in Dell Security Advisory DSA-2026-197 (https://www.dell.com/support/kbdoc/en-us/000453482/dsa-2026-197). Fixed versions per platform are: Edge Gateway 3000 → 1.26.0, Edge Gateway 5000 → 1.36.0, Embedded PC 3000 → 1.32.0, Embedded PC 5000 → 1.33.0, Precision 3630 Tower → 2.40.0, Precision 3930 Rack → 2.43.0, Latitude 7220 Rugged Extreme and 7220EX → 1.51.0, and Latitude Rugged 5420 and 5424 → 1.42.0. BIOS updates can be deployed via Dell Command Update, Dell Update Packages, or via SCCM/Intune for enterprise environments; note that BIOS flashing typically requires a reboot and may briefly interrupt operations. Where immediate patching is not feasible, enforce physical security controls: restrict physical access to affected hardware using asset tracking, secure enclosures, or chassis intrusion detection. Additionally, consider enabling Dell's chassis intrusion alert feature if available on the platform and ensure BIOS setup passwords are changed post-patch since existing passwords may have been encoded under the weak scheme. Avoid relying on BIOS password protection as the sole access control on unpatched systems in exposed environments.

Share

CVE-2026-40639 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy