CVE-2024-52537

Summary

Dell Client Platform Firmware Update Utility contains an Improper Link Resolution vulnerability. A high privileged attacker with local access could potentially exploit this vulnerability, leading to Elevation of Privileges.

Affected Software

VendorProductVersion RangeStatus
DellDell Client Platform BIOSN/A < 1.00.44, 1.00.28affected
DellDell Client Platform BIOSN/A < 1.00.23,1.00.28affected

Weaknesses

  • CWE-61: CWE-61: UNIX Symbolic Link (Symlink) Following

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: total

References