Vulnerabilities > CVE-2024-38296 - Unspecified vulnerability in Dell Intel Management Engine Firmware Update Utility

CVSS 4.4 - MEDIUM

Attack vector

LOCAL

Attack complexity

LOW

Privileges required

HIGH

Confidentiality impact

HIGH

Integrity impact

NONE

Availability impact

NONE

local

low complexity

dell

NVD

Published: 2024-11-22

Updated: 2025-02-04

Summary

Dell Edge Gateway 3200, versions prior to 15.40.30.2879, and Edge Gateway 5200, versions prior to 12.0.94.2380, contain an Exposure of Sensitive Information in Shared Microarchitectural Structures during Transient Execution vulnerability. A high privileged attacker with local access could potentially exploit this vulnerability, leading to information exposure.

Vulnerable Configurations

Part	Description	Count
Application	Dell Dell Intel Management Engine Firmware Update Utility *	1
Hardware	Dell Dell Edge Gateway 3200 - Dell Edge Gateway 5200 -	2

References

https://www.dell.com/support/kbdoc/en-us/000250949/dsa-2024-345-security-update-for-dell-networking-edge-gateway-5200-vulnerability