CVE-2024-32860 — HIGH (7.5)

Q: How severe is CVE-2024-32860?

CVE-2024-32860 has been rated HIGH with a CVSS base score of 7.5/10. Review the CVSS metrics above for detailed severity breakdown.

Q: Is there a patch for CVE-2024-32860?

Check the references section above for vendor advisories and patch information. Affected products include: Dell Alienware Area 51M R2 Firmware, Dell Alienware Area 51M R2, Dell Alienware Aurora R11 Firmware, Dell Alienware Aurora R11, Dell Alienware Aurora R12 Firmware.

Vulnerability Description

Dell Client Platform BIOS contains an Improper Input Validation vulnerability in an externally developed component. A high privileged attacker with local access could potentially exploit this vulnerability, leading to Code execution.

CVSS Score

7.5

HIGH

CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H

Attack Vector

LOCAL

Attack Complexity

HIGH

Privileges Required

HIGH

User Interaction

NONE

Scope

CHANGED

Confidentiality

HIGH

Integrity

HIGH

Availability

HIGH

Affected Products

Vendor	Product	Versions
Dell	Alienware Area 51M R2 Firmware	< 1.26.0
Dell	Alienware Area 51M R2	-
Dell	Alienware Aurora R11 Firmware	< 1.0.24
Dell	Alienware Aurora R11	-
Dell	Alienware Aurora R12 Firmware	< 1.1.25
Dell	Alienware Aurora R12	-
Dell	Alienware Aurora R13 Firmware	<= 1.1.19
Dell	Alienware Aurora R13	-
Dell	Alienware Aurora R15 Firmware	< 1.1.12
Dell	Alienware Aurora R15	-
Dell	Alienware Aurora R15 Amd Firmware	< 1.13.0
Dell	Alienware Aurora R15 Amd	-
Dell	Alienware Aurora Ryzen Edition R14 Firmware	< 2.18.0
Dell	Alienware Aurora Ryzen Edition R14	-
Dell	Alienware M15 R3 Firmware	< 1.27.0
Dell	Alienware M15 R3	-
Dell	Alienware M15 R4 Firmware	<= 1.21.0
Dell	Alienware M15 R4	-
Dell	Alienware M17 R3 Firmware	< 1.27.0
Dell	Alienware M17 R3	-

Related Weaknesses (CWE)

CWE-20

References

https://www.dell.com/support/kbdoc/en-us/000223440/dsa-2024-125Vendor Advisory
https://www.dell.com/support/kbdoc/en-us/000223440/dsa-2024-125Vendor Advisory

FAQ

What is CVE-2024-32860?

CVE-2024-32860 is a vulnerability with a CVSS score of 7.5 (HIGH). Dell Client Platform BIOS contains an Improper Input Validation vulnerability in an externally developed component. A high privileged attacker with local access could potentially exploit this vulnerab...

How severe is CVE-2024-32860?

CVE-2024-32860 has been rated HIGH with a CVSS base score of 7.5/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2024-32860?

Check the references section above for vendor advisories and patch information. Affected products include: Dell Alienware Area 51M R2 Firmware, Dell Alienware Area 51M R2, Dell Alienware Aurora R11 Firmware, Dell Alienware Aurora R11, Dell Alienware Aurora R12 Firmware.