CVE-2024-32855

Name: CVE-2024-32855
Creator: NVD / NIST
Published: 2024-06-25T04:15:14.6+00:00
License: https://creativecommons.org/publicdomain/zero/1.0/

MEDIUMCVSS 4.4/10EPSS 0.13%

Last modified Jun 17, 2026

CVE-2024-32855 is a medium-severity vulnerability rated 4.4/10 on the CVSS scale. Dell Client Platform BIOS contains an Out-of-bounds Write vulnerability in an externally developed component. A high privileged attacker with local access could potentially exploit this vulnerability, leading to Information tampering.. EPSS estimates a 0.13% chance of exploitation in the next 30 days.

Description

Dell Client Platform BIOS contains an Out-of-bounds Write vulnerability in an externally developed component. A high privileged attacker with local access could potentially exploit this vulnerability, leading to Information tampering.

Metrics

CVSS 3.1

4.4/10

CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N

EPSS Probability

0.13%

2.5th percentile

Probability of exploitation in the next 30 days. Learn more

Weakness Enumeration

CWE-787

Affected Software

Vendor	Product	Versions
Dell	Inspiron 3480 Firmware	< 1.30.0
Dell	Inspiron 3580 Firmware	< 1.30.0
Dell	Latitude 3120 Firmware	< 1.26.0
Dell	Latitude 3190 Firmware	< 1.34.0
Dell	Latitude 3190 2-In-1 Firmware	< 1.34.0
Dell	Latitude 3300 Firmware	< 1.28.0
Dell	Latitude 3310 Firmware	< 1.25.0
Dell	Latitude 3310 2-In-1 Firmware	< 1.24.0
Dell	Latitude 3390 2-In-1 Firmware	< 1.31.0
Dell	Latitude 5288 Firmware	< 1.36.0
Dell	Latitude 5290 Firmware	< 1.35.0
Dell	Latitude 5290 2-In-1 Firmware	< 1.34.0
Dell	Latitude 5300 Firmware	< 1.31.0
Dell	Latitude 5300 2-In-1 Firmware	< 1.31.0
Dell	Latitude 5310 Firmware	< 1.24.0
Dell	Latitude 5310 2-In-1 Firmware	< 1.24.0
Dell	Latitude 5400 Firmware	< 1.30.0
Dell	Latitude 5401 Firmware	< 1.31.0
Dell	Latitude 5410 Firmware	< 1.28.0
Dell	Latitude 5411 Firmware	< 1.29.0
Dell	Latitude 5420 Rugged Firmware	< 1.32.0
Dell	Latitude 5424 Rugged Firmware	< 1.32.0
Dell	Latitude 5480 Firmware	< 1.36.0
Dell	Latitude 5488 Firmware	< 1.36.0
Dell	Latitude 5490 Firmware	< 1.35.0
Dell	Latitude 5491 Firmware	< 1.33.0
Dell	Latitude 5500 Firmware	< 1.30.0
Dell	Latitude 5501 Firmware	< 1.31.0
Dell	Latitude 5510 Firmware	< 1.28.0
Dell	Latitude 5511 Firmware	< 1.29.0
Dell	Latitude 5580 Firmware	< 1.36.0
Dell	Latitude 5590 Firmware	< 1.35.0
Dell	Latitude 5591 Firmware	< 1.33.0
Dell	Latitude 7200 2-In-1 Firmware	< 1.29.0
Dell	Latitude 7210 2-In-1 Firmware	< 1.30.0
Dell	Latitude 7212 Rugged Extreme Tablet Firmware	< 1.50.0
Dell	Latitude 7220 Rugged Extreme Firmware	< 1.36.0
Dell	Latitude 7280 Firmware	< 1.37.0
Dell	Latitude 7290 Firmware	< 1.38.0
Dell	Latitude 7300 Firmware	< 1.31.0
Dell	Latitude 7310 Firmware	< 1.30.0
Dell	Latitude 7380 Firmware	< 1.37.0
Dell	Latitude 7390 Firmware	< 1.38.0
Dell	Latitude 7390 2-In-1 Firmware	< 1.35.0
Dell	Latitude 7400 Firmware	< 1.31.0
Dell	Latitude 7400 2-In-1 Firmware	< 1.28.0
Dell	Latitude 7410 Firmware	< 1.30.0
Dell	Latitude 7424 Rugged Extreme Firmware	< 1.32.0
Dell	Latitude 7480 Firmware	< 1.37.0
Dell	Latitude 7490 Firmware	< 1.38.0

Showing 50 of 74 affected configurations. See NVD for the full list.

References

https://www.dell.com/support/kbdoc/en-us/000225627/dsa-2024-123Vendor Advisory
https://www.dell.com/support/kbdoc/en-us/000225627/dsa-2024-123Vendor Advisory

Timeline

Published: Jun 25, 2024
Last Modified: Jun 17, 2026
Status: Analyzed

Frequently Asked Questions

What is CVE-2024-32855?

How severe is CVE-2024-32855?

CVE-2024-32855 has a CVSS score of 4.4/10 (MEDIUM severity). The EPSS model estimates a 0.13% probability of exploitation in the next 30 days.

How do I fix CVE-2024-32855?

Check the vendor references and advisories linked above for patched versions and mitigation guidance. You can also run a Strix scan to test if your systems are affected.

Are you affected by CVE-2024-32855?

Run a free Strix scan to check your systems for this vulnerability.

Scan your code now

Source: NVD / NIST