CVE-2024-39584

Summary

Dell Client Platform BIOS contains a Use of Default Cryptographic Key Vulnerability. A high privileged attacker with local access could potentially exploit this vulnerability, leading to Secure Boot bypass and arbitrary code execution.

Affected Software

VendorProductVersion RangeStatus
DellDell Client Platform BIOSN/A < 1.29.0affected
DellDell Client Platform BIOSN/A < 1.15.0affected
DellDell Client Platform BIOSN/A < 1.21.0affected
DellDell Client Platform BIOSN/A < 1.24.0affected

Weaknesses

  • CWE-1392: CWE-1392: Use of Default Credentials

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: total

References