ГлавнаяУязвимости → CVE-2024-39584
8.2высокая

CVE-2024-39584

Описание

Dell Client Platform BIOS contains a Use of Default Cryptographic Key Vulnerability. A high privileged attacker with local access could potentially exploit this vulnerability, leading to Secure Boot bypass and arbitrary code execution.

Затрагиваемое ПО
Dell Xps 8960 firmwareDell Xps 8960Dell Xps 8950 firmwareDell Xps 8950Dell Inspiron 3502 firmwareDell Inspiron 3502Dell Inspiron 15 3521 firmwareDell Inspiron 15 3521Dell Inspiron 15 3510 firmwareDell Inspiron 15 3510Dell Aurora r16 firmwareDell Aurora r16Dell Alienware x17 r2 firmwareDell Alienware x17 r2Dell Alienware x17 r1 firmwareDell Alienware x17 r1Dell Alienware x15 r2 firmwareDell Alienware x15 r2Dell Alienware x15 r1 firmwareDell Alienware x15 r1Dell Alienware x14 firmwareDell Alienware x14Dell Alienware m17 r4 firmwareDell Alienware m17 r4Dell Alienware m17 r3 firmware
CVSS
Балл8.2 — высокая
ВекторCVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
Источники
https://www.dell.com/support/kbdoc/en-us/000227594/dsa-2024-354