Vulnerability Description
Dell Client Platform BIOS contains a Use of Default Cryptographic Key Vulnerability. A high privileged attacker with local access could potentially exploit this vulnerability, leading to Secure Boot bypass and arbitrary code execution.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Dell | Xps 8960 Firmware | < 2.12.0 |
| Dell | Xps 8960 | - |
| Dell | Xps 8950 Firmware | < 1.21.0 |
| Dell | Xps 8950 | - |
| Dell | Inspiron 3502 Firmware | < 1.18.0 |
| Dell | Inspiron 3502 | - |
| Dell | Inspiron 15 3521 Firmware | < 1.16.0 |
| Dell | Inspiron 15 3521 | - |
| Dell | Inspiron 15 3510 Firmware | < 1.21.0 |
| Dell | Inspiron 15 3510 | - |
| Dell | Aurora R16 Firmware | < 2.13.0 |
| Dell | Aurora R16 | - |
| Dell | Alienware X17 R2 Firmware | < 1.22.0 |
| Dell | Alienware X17 R2 | - |
| Dell | Alienware X17 R1 Firmware | < 1.24.0 |
| Dell | Alienware X17 R1 | - |
| Dell | Alienware X15 R2 Firmware | < 1.22.0 |
| Dell | Alienware X15 R2 | - |
| Dell | Alienware X15 R1 Firmware | < 1.24.0 |
| Dell | Alienware X15 R1 | - |
Related Weaknesses (CWE)
References
FAQ
What is CVE-2024-39584?
CVE-2024-39584 is a vulnerability with a CVSS score of 8.2 (HIGH). Dell Client Platform BIOS contains a Use of Default Cryptographic Key Vulnerability. A high privileged attacker with local access could potentially exploit this vulnerability, leading to Secure Boot ...
How severe is CVE-2024-39584?
CVE-2024-39584 has been rated HIGH with a CVSS base score of 8.2/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2024-39584?
Check the references section above for vendor advisories and patch information. Affected products include: Dell Xps 8960 Firmware, Dell Xps 8960, Dell Xps 8950 Firmware, Dell Xps 8950, Dell Inspiron 3502 Firmware.