Vulnerabilities > CVE-2024-0160 - Incorrect Authorization vulnerability in Dell products

CVSS 6.8 - MEDIUM

Attack vector

PHYSICAL

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

HIGH

Integrity impact

HIGH

Availability impact

HIGH

low complexity

dell

CWE-863

NVD

Published: 2024-06-12

Updated: 2024-09-25

Summary

Dell Client Platform contains an incorrect authorization vulnerability. An attacker with physical access to the system could potentially exploit this vulnerability by bypassing BIOS authorization to modify settings in the BIOS.

Vulnerable Configurations

Part	Description	Count
OS	Dell Dell XPS 17 9700 Firmware - Dell XPS 17 9700 Firmware 1.20.0 Dell XPS 17 9700 Firmware 1.29.0 Dell XPS 15 9500 Firmware - Dell XPS 15 9500 Firmware 1.19.0 Dell XPS 15 9500 Firmware 1.27.0 Dell Vostro 7500 Firmware - Dell Vostro 7500 Firmware 1.18.0 Dell Vostro 7500 Firmware 1.24.0 Dell Vostro 7500 Firmware 1.27.0 Dell Precision 5750 Firmware - Dell Precision 5750 Firmware 1.20.0 Dell Precision 5750 Firmware 1.29.0 Dell Precision 5550 Firmware - Dell Precision 5550 Firmware 1.19.0 Dell Precision 5550 Firmware 1.27.0 Dell Latitude 3520 Firmware - Dell Latitude 3520 Firmware 1.23.2 Dell Latitude 3520 Firmware 1.25.1 Dell Latitude 3520 Firmware 1.29.0 Dell Latitude 3520 Firmware 1.35.0 Dell Latitude 3510 Firmware - Dell Latitude 3510 Firmware 1.20.2 Dell Latitude 3510 Firmware 1.28.0 Dell Latitude 3420 Firmware - Dell Latitude 3420 Firmware 1.23.2 Dell Latitude 3420 Firmware 1.25.1 Dell Latitude 3420 Firmware 1.29.0 Dell Latitude 3420 Firmware 1.35.0 Dell Latitude 3410 Firmware - Dell Latitude 3410 Firmware 1.20.2 Dell Latitude 3410 Firmware 1.28.0 Dell Inspiron 7501 Firmware - Dell Inspiron 7501 Firmware 1.18.0 Dell Inspiron 7501 Firmware 1.24.0 Dell Inspiron 7501 Firmware 1.27.0 Dell Inspiron 7500 Firmware - Dell Inspiron 7500 Firmware 1.18.0 Dell Inspiron 7500 Firmware 1.24.0 Dell Inspiron 7500 Firmware 1.27.0 Dell G7 7700 Firmware - Dell G7 7700 Firmware 1.11.1 Dell G7 7700 Firmware 1.31.0 Dell G7 7500 Firmware - Dell G7 7500 Firmware 1.11.1 Dell G7 7500 Firmware 1.31.0 Dell G5 5500 Firmware - Dell G5 5500 Firmware 1.12.0 Dell G5 5500 Firmware 1.29.0 Dell G3 3500 Firmware - Dell G3 3500 Firmware 1.12.0 Dell G3 3500 Firmware 1.20.0 Dell G3 3500 Firmware 1.26.0 Dell G3 3500 Firmware 1.29.0	54
Hardware	Dell Dell XPS 17 9700 - Dell XPS 15 9500 - Dell Vostro 7500 - Dell Precision 5750 - Dell Precision 5550 - Dell Latitude 3520 - Dell Latitude 3510 - Dell Latitude 3420 - Dell Latitude 3410 - Dell Inspiron 7501 - Dell Inspiron 7500 - Dell G7 7700 - Dell G7 7500 - Dell G5 5500 - Dell G3 3500 -	15

Common Weakness Enumeration (CWE)

CWE-863 - Incorrect Authorization

References

https://www.dell.com/support/kbdoc/en-us/000224763/dsa-2024-122