CVE-2026-40639
5.7
CVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N
Summary
Dell Client Platform BIOS contains a Weak Encoding for Password vulnerability. An unauthenticated attacker with physical access could potentially exploit this vulnerability, leading to Elevation of Privileges.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Dell | Dell Edge Gateway 3000 | 0 < 1.26.0 | affected |
| Dell | Dell Edge Gateway 5000 | 0 < 1.36.0 | affected |
| Dell | DELL EMBEDDED PC 3000 | 0 < 1.32.0 | affected |
| Dell | DELL EMBEDDED PC 5000 | 0 < 1.33.0 | affected |
| Dell | Dell Precision 3630 Tower | 0 < 2.40.0 | affected |
| Dell | Dell Precision 3930 Rack | 0 < 2.43.0 | affected |
| Dell | Latitude 7220 Rugged Extreme | 0 < 1.51.0 | affected |
| Dell | Latitude Rugged 5420 | 0 < 1.42.0 | affected |
| Dell | Latitude Rugged 5424 | 0 < 1.42.0 | affected |
| Dell | Latitude Rugged 7220EX | 0 < 1.51.0 | affected |
| Dell | Latitude Rugged 7424 | 0 < 1.42.0 | affected |
| Dell | Precision 3930 Rack | 0 < 2.43.0 | affected |
Weaknesses
- CWE-261: CWE-261: Weak Encoding for Password
ADP Enrichment
CISA ADP Vulnrichment
- SSVC:
- Exploitation: none
- Automatable: no
- Technical Impact: total
References
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.