CVE-2025-36579

Summary

Dell Client Platform BIOS contains a Weak Password Recovery Mechanism vulnerability. An unauthenticated attacker with physical access to the system could potentially exploit this vulnerability, leading to unauthorized access.

Affected Software

VendorProductVersion RangeStatus
DellDell Pro 14 Essential PV142500 < 1.4.0affected
DellDell Pro Micro / QCM12550 < 1.9.1affected
DellDell Pro Slim / QCS12550 < 1.9.1affected
DellDell Pro Tower / QCT12550 < 1.9.1affected
DellAlienware 16 Area-51 AA162500 < 1.9.0affected
DellAlienware 16X Aurora AC162510 < 1.8.1affected
DellAlienware 18 Area-51 AA182500 < 1.9.0affected
DellAlienware Area-51 AAT2250 < 1.11.0affected
DellAlienware Aurora ACT12500 < 1.10.0affected
DellAlienware m15 R60 < 1.42.0affected
DellAlienware m15 R70 < 1.37.0affected
DellAlienware m16 R10 < 1.32.0affected
DellAlienware m16 R20 < 1.18.0affected
DellAlienware m18 R10 < 1.32.0affected
DellAlienware M18 R20 < 1.20.0affected
DellAlienware x14 R20 < 1.30.1affected
DellAlienware x16 R10 < 1.30.1affected
DellAlienware X16 R20 < 1.18.1affected
DellChengMing 39000 < 1.37.0affected
DellChengMing 3910/39110 < 1.32.0affected
DellChengMing 39900 < 1.35.1affected
DellChengMing 39910 < 1.35.1affected
DellDell 14 DC142500 < 1.4.0affected
DellDell 14 Premium DA142500 < 1.5.1affected
DellDell 15 DC152500 < 1.6.0affected
DellDell 16 DC162500 < 1.7.0affected
DellDell 16 DC162510 < 1.7.0affected
DellDell 16 Premium DA162500 < 1.7.0affected
DellDell G15 55100 < 1.38.0affected
DellDell G15 55110 < 1.41.0affected
DellDell G15 55200 < 1.38.0affected
DellDell G15 55300 < 1.30.0affected
DellDell G16 76200 < 1.38.0affected
DellDell G16 76300 < 1.30.0affected
DellDell G5 50000 < 1.28.2affected
DellDell Pro 13 Plus PB132500 < 2.8.1affected
DellDell Pro 13 Plus PB132550 < 1.9.1affected
DellDell Pro 13 Premium PA132500 < 2.8.1affected
DellDell Pro 14 PC142500 < 1.10.2affected
DellDell Pro 14 Plus PB142500 < 2.8.1affected
DellDell Pro 14 Plus PB142550 < 1.9.1affected
DellDell Pro 14 Premium PA142500 < 2.8.1affected
DellDell Pro 15 Essential PV152500 < 1.2.0affected
DellDell Pro 16 PC162500 < 1.10.2affected
DellDell Pro 16 Plus PB162500 < 2.8.1affected
DellDell Pro 16 Plus PB162550 < 1.9.1affected
DellDell Pro 24 All-in-One Plus/Dell Pro 24 All-in-One0 < 1.10.1affected
DellDell Pro Laptop PC142500 < 1.10.2affected
DellDell Pro Laptop PC162500 < 1.10.2affected
DellDell Pro Max 14 MC142500 < 1.9.0affected
DellDell Pro Max 14 MC142550 < 1.6.2affected
DellDell Pro Max 16 MC162500 < 1.9.0affected
DellDell Pro Max 16 MC162550 < 1.6.2affected
DellDell Pro Max Micro FCM22500 < 1.10.1affected
DellDell Pro Max Slim FCS12500 < 1.10.1affected
DellDell Pro Max Tower T2 FCT22500 < 1.10.1affected
DellDell Pro Micro/Micro Plus QCM1250/QBM12500 < 1.10.1affected
DellDell Pro Rugged 13 RA132500 < 1.12.1affected
DellDell Pro Rugged 14 RB142500 < 1.12.1affected
DellDell Pro Slim Essential QVS12600 < 1.10.1affected
DellDell Pro Slim Plus QBS1250/Dell Pro Slim QCS12500 < 1.10.1affected
DellDell Pro Tower Essential QVT12600 < 1.10.1affected
DellDell Pro Tower Plus QBT1250/Dell Pro Tower QCT12500 < 1.10.1affected
DellDell Slim ECS12500 < 1.10.1affected
DellDell Tower ECT12500 < 1.10.1affected
DellDell Tower Plus EBT22500 < 1.11.0affected
DellInspiron 13 53200 < 1.30.0affected
DellInspiron 13 53300 < 1.28.0affected
DellInspiron 14 54200 < 1.33.0affected
DellInspiron 14 54300 < 1.26.0affected
DellInspiron 14 54400 < 1.19.0affected
DellInspiron 14 7420 2-in-10 < 1.31.0affected
DellInspiron 14 7430 2-in-10 < 1.26.0affected
DellInspiron 14 7440 2-in-10 < 1.19.0affected
DellInspiron 14 Plus 74200 < 1.34.0affected
DellInspiron 14 Plus 74300 < 1.26.0affected
DellInspiron 14 Plus 74400 < 1.22.0affected
DellInspiron 15 35110 < 1.43.0affected
DellInspiron 15 35200 < 1.39.0affected
DellInspiron 16 56200 < 1.33.0affected
DellInspiron 16 56300 < 1.26.0affected
DellInspiron 16 56400 < 1.18.0affected
DellInspiron 16 76100 < 1.36.0affected
DellInspiron 16 7620 2-in-10 < 1.31.0affected
DellInspiron 16 7630 2-in-10 < 1.26.0affected
DellInspiron 16 7640 2-in-10 < 1.18.0affected
DellInspiron 16 Plus 76200 < 1.34.0affected
DellInspiron 16 Plus 76300 < 1.26.0affected
DellInspiron 16 Plus 76400 < 1.22.0affected
DellInspiron 24 5420 All-in-One0 < 1.25.0affected
DellInspiron 24 5430 All-in-One0 < 1.18.0affected
DellInspiron 27 7720 All-in-One0 < 1.25.0affected
DellInspiron 27 7730 All-in-One0 < 1.18.0affected
DellInspiron 3020 Desktop0 < 1.32.0affected
DellInspiron 3020 Small Desktop0 < 1.32.0affected
DellInspiron 30300 < 1.22.1affected
DellInspiron 3030S0 < 1.22.1affected
DellInspiron 39100 < 1.37.0affected
DellInspiron 5400/54010 < 1.37.0affected
DellInspiron 5401 AIO0 < 1.37.0affected
DellInspiron 5410 All-in-One0 < 1.35.0affected
DellInspiron 55100 < 2.39.0affected
DellInspiron 7700 All-In-One0 < 1.37.0affected
DellInspiron 7710 All-in-One0 < 1.35.0affected
DellLatitude 31200 < 1.35.1affected
DellLatitude 31400 < 1.28.1affected
DellLatitude 3140 2in10 < 1.28.1affected
DellLatitude 33200 < 1.41.0affected
DellLatitude 33300 < 1.33.0affected
DellLatitude 33400 < 1.29.0affected
DellLatitude 34100 < 1.36.0affected
DellLatitude 34200 < 1.46.0affected
DellLatitude 34300 < 1.32.0affected
DellLatitude 34400 < 1.29.0affected
DellLatitude 34500 < 1.20.0affected
DellLatitude 35100 < 1.36.0affected
DellLatitude 35200 < 1.46.0affected
DellLatitude 35300 < 1.32.0affected
DellLatitude 35400 < 1.29.0affected
DellLatitude 35500 < 1.20.0affected

Weaknesses

  • CWE-640: CWE-640: Weak Password Recovery Mechanism for Forgotten Password

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References