CVE-2024-38483

MEDIUM EPSS 4.7%
Published Aug 14, 20241y ago · Modified Jun 17, 20262w ago
6.7 CVSS 3.1
Medium
Find Similar
Published Aug 14, 2024 1y ago
Last Modified Jun 17, 2026 2w ago

Description

Dell BIOS contains an Improper Input Validation vulnerability in an externally developed component. A high privileged attacker with local access could potentially exploit this vulnerability, leading to Code execution.

CVSS Details

Base Score
6.7
Exploitability
0.8
Impact
5.9
Vector string
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Attack Vector Local
Attack Complexity Low
Privileges Required High
User Interaction None
Scope Unchanged
Confidentiality High
Integrity High
Availability High

Threat Intelligence

EPSS Exploit Probability
4.7% percentile
Exploit & Patch Status
No Known Exploit
No Patch Available

Weaknesses 1

CWE-20 Improper Input Validation Validation

Affected Products 82

VendorProductVersionRange
delllatitude_5290_2-in-1_firmware* <1.35.0
delllatitude_5290_2-in-1*any
dellprecision_3420_tower_firmware* <2.32.0
dellprecision_3420*any
dellprecision_3620_firmware* <2.32.0
dellprecision_3620_tower*any
dellwyse_7040_thin_client_firmware* <1.26.0
dellwyse_7040_thin_client*any
dellprecision_7720_firmware* <1.37.0
dellprecision_7720*any
dellprecision_7520_firmware1.37.0any
dellprecision_7520*any
dellprecision_5530_2-in-1_firmware* <1.32.8
dellprecision_5530_2-in-1*any
dellprecision_5520_firmware* <1.39.0
dellprecision_5520*any
dellprecision_3520_firmware* <1.37.0
dellprecision_3520*any
delloptiplex_7450_all-in-one_firmware* <1.34.0
delloptiplex_7450_all-in-one*any
delloptiplex_5050_firmware* <1.31.0
delloptiplex_5050*any
delloptiplex_3050_all-in-one_firmware* <1.34.0
delloptiplex_3050_all-in-one*any
delloptiplex_3050_firmware* <1.31.0
delloptiplex_3050*any
delllatitude_7490_firmware* <1.39.0
delllatitude_7490*any
delllatitude_7480_firmware* <1.38.0
delllatitude_7480*any
delllatitude_7424_rugged_extreme_firmware* <1.34.0
delllatitude_7424_rugged_extreme*any
delllatitude_7414_rugged_firmware* <1.47.0
delllatitude_7414_rugged*any
delllatitude_7390_2-in-1_firmware* <1.36.0
delllatitude_7390_2-in-1*any
delllatitude_7390_firmware* <1.39.0
delllatitude_7390*any
delllatitude_7380_firmware* <1.38.0
delllatitude_7380*any
delllatitude_7290_firmware* <1.39.0
delllatitude_7290*any
delllatitude_7285_2-in-1_firmware* <1.27.0
delllatitude_7285_2-in-1*any
delllatitude_7280_firmware* <1.38.0
delllatitude_7280*any
delllatitude_7212_rugged_extreme_tablet_firmware* <1.51.0
delllatitude_7212_rugged_extreme_tablet*any
delllatitude_5590_firmware* <1.36.0
delllatitude_5590*any
delllatitude_5580_firmware* <1.37.0
delllatitude_5580*any
delllatitude_5490_firmware* <1.36.0
delllatitude_5490*any
delllatitude_5488_firmware* <1.37.0
delllatitude_5488*any
delllatitude_5480_firmware* <1.37.0
delllatitude_5480*any
delllatitude_5424_rugged_firmware* <1.34.0
delllatitude_5424_rugged*any
delllatitude_5420_rugged_firmware* <1.34.0
delllatitude_5420_rugged*any
delllatitude_5414_rugged_firmware* <1.47.0
delllatitude_5414_rugged*any
delllatitude_5400_firmware* <1.32.0
delllatitude_5400*any
delllatitude_5290_firmware* <1.36.0
delllatitude_5290*any
delllatitude_5288_firmware* <1.37.0
delllatitude_5288*any
delllatitude_5280_firmware* <1.37.0
delllatitude_5280*any
delllatitude_3390_2-in-1_firmware* <1.32.0
delllatitude_3390_2-in-1*any
delllatitude_3300_firmware* <1.29.0
delllatitude_3300*any
delllatitude_13_3380_firmware* <1.28.0
delllatitude_13_3380*any
delllatitude_12_rugged_extreme_7214_firmware* <1.47.0
delllatitude_12_rugged_extreme_7214*any
dellembedded_box_pc_5000_firmware* <1.26.0
dellembedded_box_pc_5000*any

References 1

  • dell.com https://www.dell.com/support/kbdoc/en-us/000225776/dsa-2024-260
    Vendor Advisory

Remediation

No remediation data recorded yet

Check vendor advisories and the NVD entry for patch availability.