CVE-2024-0160
Last modified
CVE-2024-0160 is a medium-severity vulnerability rated 6.8/10 on the CVSS scale. Dell Client Platform contains an incorrect authorization vulnerability. An attacker with physical access to the system could potentially exploit this vulnerability by bypassing BIOS authorization to modify settings in the BIOS.. EPSS estimates a 0.25% chance of exploitation in the next 30 days.
Description
Dell Client Platform contains an incorrect authorization vulnerability. An attacker with physical access to the system could potentially exploit this vulnerability by bypassing BIOS authorization to modify settings in the BIOS.
Metrics
CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Weakness Enumeration
Affected Software
| Vendor | Product | Versions |
|---|---|---|
| Dell | Xps 17 9700 Firmware | < 1.30.0 |
| Dell | Xps 15 9500 Firmware | < 1.31.0 |
| Dell | Vostro 7500 Firmware | < 1.28.0 |
| Dell | Precision 5750 Firmware | < 1.30.0 |
| Dell | Precision 5550 Firmware | < 1.31.0 |
| Dell | Latitude 3520 Firmware | < 1.36.0 |
| Dell | Latitude 3510 Firmware | < 1.29.0 |
| Dell | Latitude 3420 Firmware | < 1.36.0 |
| Dell | Latitude 3410 Firmware | < 1.29.0 |
| Dell | Inspiron 7501 Firmware | < 1.28.0 |
| Dell | Inspiron 7500 Firmware | < 1.28.0 |
| Dell | G7 7700 Firmware | < 1.32.0 |
| Dell | G7 7500 Firmware | < 1.32.0 |
| Dell | G5 5500 Firmware | < 1.30.0 |
| Dell | G3 3500 Firmware | < 1.30.0 |
References
Timeline
- Published
- Last Modified
- Status
- Modified
Frequently Asked Questions
What is CVE-2024-0160?
How severe is CVE-2024-0160?
How do I fix CVE-2024-0160?
Are you affected by CVE-2024-0160?
Run a free Strix scan to check your systems for this vulnerability.
Scan your code nowSource: NVD / NIST