Vulnerability Description
Dell Client Platform BIOS contains an Improper Input Validation vulnerability in an externally developed component. A high privileged attacker with local access could potentially exploit this vulnerability, leading to Code execution.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Dell | Xps 8960 Firmware | < 2.6.0 |
| Dell | Xps 8960 | - |
| Dell | Xps 8950 Firmware | < 1.19.0 |
| Dell | Xps 8950 | - |
| Dell | Inspiron 3502 Firmware | < 1.16.0 |
| Dell | Inspiron 3502 | - |
| Dell | Inspiron 15 3521 Firmware | < 1.14.0 |
| Dell | Inspiron 15 3521 | - |
| Dell | Inspiron 15 3510 Firmware | < 1.19.0 |
| Dell | Inspiron 15 3510 | - |
| Dell | Aurora R16 Firmware | < 2.7.0 |
| Dell | Aurora R16 | - |
| Dell | Alienware X17 R2 Firmware | < 1.20.0 |
| Dell | Alienware X17 R2 | - |
| Dell | Alienware X17 R1 Firmware | < 1.22.0 |
| Dell | Alienware X17 R1 | - |
| Dell | Alienware X15 R2 Firmware | < 1.20.0 |
| Dell | Alienware X15 R2 | - |
| Dell | Alienware X15 R1 Firmware | < 1.22.0 |
| Dell | Alienware X15 R1 | - |
Related Weaknesses (CWE)
References
- https://www.dell.com/support/kbdoc/en-us/000223439/dsa-2024-124Vendor Advisory
- https://www.dell.com/support/kbdoc/en-us/000223439/dsa-2024-124Vendor Advisory
FAQ
What is CVE-2024-32859?
CVE-2024-32859 is a vulnerability with a CVSS score of 7.5 (HIGH). Dell Client Platform BIOS contains an Improper Input Validation vulnerability in an externally developed component. A high privileged attacker with local access could potentially exploit this vulnerab...
How severe is CVE-2024-32859?
CVE-2024-32859 has been rated HIGH with a CVSS base score of 7.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2024-32859?
Check the references section above for vendor advisories and patch information. Affected products include: Dell Xps 8960 Firmware, Dell Xps 8960, Dell Xps 8950 Firmware, Dell Xps 8950, Dell Inspiron 3502 Firmware.