CVE-2026-40639

Summary

Dell Client Platform BIOS contains a Weak Encoding for Password vulnerability. An unauthenticated attacker with physical access could potentially exploit this vulnerability, leading to Elevation of Privileges.

Affected Software

VendorProductVersion RangeStatus
DellDell Edge Gateway 30000 < 1.26.0affected
DellDell Edge Gateway 50000 < 1.36.0affected
DellDELL EMBEDDED PC 30000 < 1.32.0affected
DellDELL EMBEDDED PC 50000 < 1.33.0affected
DellDell Precision 3630 Tower0 < 2.40.0affected
DellDell Precision 3930 Rack0 < 2.43.0affected
DellLatitude 7220 Rugged Extreme0 < 1.51.0affected
DellLatitude Rugged 54200 < 1.42.0affected
DellLatitude Rugged 54240 < 1.42.0affected
DellLatitude Rugged 7220EX0 < 1.51.0affected
DellLatitude Rugged 74240 < 1.42.0affected
DellPrecision 3930 Rack0 < 2.43.0affected

Weaknesses

  • CWE-261: CWE-261: Weak Encoding for Password

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: total

References