CVE-2024-39584
HIGH EPSS 10.3%
Published Aug 28, 20241y ago · Modified Jun 17, 20262w ago
8.2 CVSS 3.1
Published Aug 28, 2024 1y ago
Last Modified Jun 17, 2026 2w ago
Description
Dell Client Platform BIOS contains a Use of Default Cryptographic Key Vulnerability. A high privileged attacker with local access could potentially exploit this vulnerability, leading to Secure Boot bypass and arbitrary code execution.
CVSS Details
Base Score
Exploitability
Impact
Vector string
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H Attack Vector Local
Attack Complexity Low
Privileges Required High
User Interaction None
Scope Changed
Confidentiality High
Integrity High
Availability High
Threat Intelligence
EPSS Exploit Probability
10.3% percentile
Exploit & Patch Status
No Known Exploit
No Patch Available
Weaknesses 1
CWE-1392
Affected Products 40
| Vendor | Product | Version | Range |
|---|---|---|---|
| dell | xps_8960_firmware | * | <2.12.0 |
| dell | xps_8960 | * | any |
| dell | xps_8950_firmware | * | <1.21.0 |
| dell | xps_8950 | * | any |
| dell | inspiron_3502_firmware | * | <1.18.0 |
| dell | inspiron_3502 | * | any |
| dell | inspiron_15_3521_firmware | * | <1.16.0 |
| dell | inspiron_15_3521 | * | any |
| dell | inspiron_15_3510_firmware | * | <1.21.0 |
| dell | inspiron_15_3510 | * | any |
| dell | aurora_r16_firmware | * | <2.13.0 |
| dell | aurora_r16 | * | any |
| dell | alienware_x17_r2_firmware | * | <1.22.0 |
| dell | alienware_x17_r2 | * | any |
| dell | alienware_x17_r1_firmware | * | <1.24.0 |
| dell | alienware_x17_r1 | * | any |
| dell | alienware_x15_r2_firmware | * | <1.22.0 |
| dell | alienware_x15_r2 | * | any |
| dell | alienware_x15_r1_firmware | * | <1.24.0 |
| dell | alienware_x15_r1 | * | any |
| dell | alienware_x14_firmware | * | <1.21.0 |
| dell | alienware_x14 | * | any |
| dell | alienware_m17_r4_firmware | * | <1.24.0 |
| dell | alienware_m17_r4 | * | any |
| dell | alienware_m17_r3_firmware | * | <1.29.0 |
| dell | alienware_m17_r3 | * | any |
| dell | alienware_m15_r4_firmware | * | <1.24.0 |
| dell | alienware_m15_r4 | * | any |
| dell | alienware_m15_r3_firmware | * | <1.29.0 |
| dell | alienware_m15_r3 | * | any |
| dell | alienware_aurora_ryzen_edition_r14_firmware | * | <2.19.1 |
| dell | alienware_aurora_ryzen_edition_r14 | * | any |
| dell | alienware_aurora_r15_amd_firmware | * | <1.15.0 |
| dell | alienware_aurora_r15_amd | * | any |
| dell | alienware_aurora_r15_firmware | * | <1.17.0 |
| dell | alienware_aurora_r15 | * | any |
| dell | alienware_aurora_r13_firmware | * | <1.21.0 |
| dell | alienware_aurora_r13 | * | any |
| dell | alienware_area_51m_r2_firmware | * | <1.29.0 |
| dell | alienware_area_51m_r2 | * | any |
References 1
- dell.com https://www.dell.com/support/kbdoc/en-us/000227594/dsa-2024-354
Remediation
No remediation data recorded yet
Check vendor advisories and the NVD entry for patch availability.