CVE-2024-0158

Summary

Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user with admin privileges may potentially exploit this vulnerability to modify a UEFI variable, leading to denial of service and escalation of privileges

Affected Software

VendorProductVersion RangeStatus
DellCPG BIOSN/A < 1.28.0affected
DellCPG BIOSN/A < 1.23.0affected
DellCPG BIOSN/A < 1.15.0affected
DellCPG BIOSN/A < 1.2.1affected
DellCPG BIOSN/A < 1.12.1affected
DellCPG BIOSN/A < 1.2.0affected
DellCPG BIOSN/A < 1.20.0affected
DellCPG BIOSN/A < 1.12.0affected
DellCPG BIOSN/A < 1.26.0affected
DellCPG BIOSN/A < 1.27.0affected
DellCPG BIOSN/A < 1.13.0affected
DellCPG BIOSN/A < 1.29.0affected
DellCPG BIOSN/A < 1.19.0affected
DellCPG BIOSN/A < 1.25.0affected
DellCPG BIOSN/A < 1.31.0affected
DellCPG BIOSN/A < 2.27.0affected
DellCPG BIOSN/A < 2.35.0affected
DellCPG BIOSN/A < 2.39.0affected
DellCPG BIOSN/A < 1.17.0affected
DellCPG BIOSN/A < 1.24.0affected
DellCPG BIOSN/A < 2.26.0affected
DellCPG BIOSN/A < 1.13.1affected
DellCPG BIOSN/A < 2.25.0affected
DellCPG BIOSN/A < 1.3.1affected
DellCPG BIOSN/A < 1.18.0affected
DellCPG BIOSN/A < 1.21.0affected
DellCPG BIOSN/A < 1.22.0affected
DellCPG BIOSN/A < 1.9.0affected
DellCPG BIOSN/A < 1.3.0affected
DellCPG BIOSN/A < 1.30.0affected
DellCPG BIOSN/A < 1.32.0affected
DellCPG BIOSN/A < 1.29..0affected
DellCPG BIOSN/A < 1.45.0affected
DellCPG BIOSN/A < 1.33.0affected
DellCPG BIOSN/A < 1.11.0affected
DellCPG BIOSN/A < 1.35.0affected
DellCPG BIOSN/A < 1.34.0affected
DellCPG BIOSN/A < 1.36.0affected
DellCPG BIOSN/A < 1.36.2affected
DellCPG BIOSN/A < 1.25.1affected
DellCPG BIOSN/A < 1.21.1affected
DellCPG BIOSN/A < 1.4.1affected
DellCPG BIOSN/A < 1.49.0affected
DellCPG BIOSN/A < 1.37.0affected
DellCPG BIOSN/A < 1.34.2affected
DellCPG BIOSN/A < 1.30.1affected
DellCPG BIOSN/A < 1.16.1affected
DellCPG BIOSN/A < 2.24.0affected
DellCPG BIOSN/A < 2.18.0affected
DellCPG BIOSN/A < 1.1.38affected
DellCPG BIOSN/A < 3.3.2affected
DellCPG BIOSN/A < 2.29.0affected
DellCPG BIOSN/A < 2.12.0affected
DellCPG BIOSN/A < 2.30.0affected
DellCPG BIOSN/A < 1.30.8affected
DellCPG BIOSN/A < 1.10.0affected
DellCPG BIOSN/A < 1.26.1affected
DellCPG BIOSN/A < 1.1.17affected
DellCPG BIOSN/A < 1.20.1affected
DellCPG BIOSN/A < 1.7.0affected
DellCPG BIOSN/A < 01.03.00affected
DellCPG BIOSN/A < 1.1.16affected
DellCPG BIOSN/A < 3.21.0affected
DellCPG BIOSN/A < 2.23.0affected
DellCPG BIOSN/A < 1.19.1affected
DellCPG BIOSN/A < 2.10.0affected
DellCPG BIOSN/A < 2.18.1affected
DellCPG BIOSN/A < 1.14.0affected

Weaknesses

  • CWE-20: CWE-20: Improper Input Validation

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

CVE Program Container

Additional References

References