Impact
High
Details
Proprietary Code CVEs | Description | CVSS Base Score | CVSS Vector String |
CVE-2024-22429 | Dell BIOS contains an Improper Input Validation vulnerability. A local authenticated malicious user with admin privileges could potentially exploit this vulnerability, leading to arbitrary code execution. | 7.5 | CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H |
Proprietary Code CVEs | Description | CVSS Base Score | CVSS Vector String |
CVE-2024-22429 | Dell BIOS contains an Improper Input Validation vulnerability. A local authenticated malicious user with admin privileges could potentially exploit this vulnerability, leading to arbitrary code execution. | 7.5 | CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H |
Dell Technologies recommends all customers consider both the CVSS base score and any relevant temporal and environmental scores that may impact the potential severity associated with a particular security vulnerability.
Affected Products and Remediation
Product | Software/Firmware | Affected Version | Remediated Version | Release Date (MM/DD/YYYY) | Link |
---|---|---|---|---|---|
Dell Precision 5820 Tower | BIOS | Versions prior to 2.36.0 | Versions 2.36.0 or later | 05/10/2024 | |
Edge Gateway 3000 series | BIOS | Versions prior to 1.18.0 | Versions 1.18.0 or later | 05/13/2024 | |
Latitude 12 Rugged Extreme 7214 | BIOS | Versions prior to 1.46.0 | Versions 1.46.0 or later | 05/08/2024 | |
Latitude 13 3380 | BIOS | Versions prior to 1.27.0 | Versions 1.27.0 or later | 05/06/2024 | |
Latitude 3180 | BIOS | Versions prior to 1.29.0 | Versions 1.29.0 or later | 05/07/2024 | |
Latitude 3189 | BIOS | Versions prior to 1.29.0 | Versions 1.29.0 or later | 05/07/2024 | |
Latitude 3300 | BIOS | Versions prior to 1.28.0 | Versions 1.28.0 or later | 05/06/2024 | |
Latitude 3390 2-in-1 | BIOS | Versions prior to 1.31.0 | Versions 1.31.0 or later | 05/06/2024 | |
Latitude 5414 Rugged | BIOS | Versions prior to 1.46.0 | Versions 1.46.0 or later | 05/08/2024 | |
Latitude 5420 Rugged | BIOS | Versions prior to 1.32.0 | Versions 1.32.0 or later | 05/08/2024 | |
Latitude 5424 Rugged | BIOS | Versions prior to 1.32.0 | Versions 1.32.0 or later | 05/08/2024 | |
Latitude 7212 Rugged Extreme Tablet | BIOS | Versions prior to 1.50.0 | Versions 1.50.0 or later | 05/08/2024 | |
Latitude 7414 Rugged | BIOS | Versions prior to 1.46.0 | Versions 1.46.0 or later | 05/08/2024 | |
Latitude 7424 Rugged Extreme | BIOS | Versions prior to 1.32.0 | Versions 1.32.0 or later | 05/08/2024 | |
Precision 3420 Tower | BIOS | Versions prior to 2.30.0 | Versions 2.30.0 or later | 05/13/2024 | |
Precision 3620 Tower | BIOS | Versions prior to 2.30.0 | Versions 2.30.0 or later | 05/13/2024 | |
Wyse 5070 | BIOS | Versions prior to 1.31.0 | Versions 1.31.0 or later | 05/10/2024 |
Product | Software/Firmware | Affected Version | Remediated Version | Release Date (MM/DD/YYYY) | Link |
---|---|---|---|---|---|
Dell Precision 5820 Tower | BIOS | Versions prior to 2.36.0 | Versions 2.36.0 or later | 05/10/2024 | |
Edge Gateway 3000 series | BIOS | Versions prior to 1.18.0 | Versions 1.18.0 or later | 05/13/2024 | |
Latitude 12 Rugged Extreme 7214 | BIOS | Versions prior to 1.46.0 | Versions 1.46.0 or later | 05/08/2024 | |
Latitude 13 3380 | BIOS | Versions prior to 1.27.0 | Versions 1.27.0 or later | 05/06/2024 | |
Latitude 3180 | BIOS | Versions prior to 1.29.0 | Versions 1.29.0 or later | 05/07/2024 | |
Latitude 3189 | BIOS | Versions prior to 1.29.0 | Versions 1.29.0 or later | 05/07/2024 | |
Latitude 3300 | BIOS | Versions prior to 1.28.0 | Versions 1.28.0 or later | 05/06/2024 | |
Latitude 3390 2-in-1 | BIOS | Versions prior to 1.31.0 | Versions 1.31.0 or later | 05/06/2024 | |
Latitude 5414 Rugged | BIOS | Versions prior to 1.46.0 | Versions 1.46.0 or later | 05/08/2024 | |
Latitude 5420 Rugged | BIOS | Versions prior to 1.32.0 | Versions 1.32.0 or later | 05/08/2024 | |
Latitude 5424 Rugged | BIOS | Versions prior to 1.32.0 | Versions 1.32.0 or later | 05/08/2024 | |
Latitude 7212 Rugged Extreme Tablet | BIOS | Versions prior to 1.50.0 | Versions 1.50.0 or later | 05/08/2024 | |
Latitude 7414 Rugged | BIOS | Versions prior to 1.46.0 | Versions 1.46.0 or later | 05/08/2024 | |
Latitude 7424 Rugged Extreme | BIOS | Versions prior to 1.32.0 | Versions 1.32.0 or later | 05/08/2024 | |
Precision 3420 Tower | BIOS | Versions prior to 2.30.0 | Versions 2.30.0 or later | 05/13/2024 | |
Precision 3620 Tower | BIOS | Versions prior to 2.30.0 | Versions 2.30.0 or later | 05/13/2024 | |
Wyse 5070 | BIOS | Versions prior to 1.31.0 | Versions 1.31.0 or later | 05/10/2024 |
The Affected Products and Remediation table above may not be a comprehensive list of all affected supported versions and may be updated as more information becomes available.
Workarounds and Mitigations
None
Acknowledgements
CVE-2024-22429: Dell would like to thank schur of BUPT, Dubhe Lab for reporting this issue.
Revision History
Revision | Date | Description |
---|---|---|
1.0 | 2024-05-14 | Initial Release |
2.0 | 2024-05-17 | Added Revision history section |
Related Information
Dell Security Advisories and Notices
Dell Vulnerability Response Policy
CVSS Scoring Guide
Dell Edge Gateway 3000 Series, Latitude 3180, Latitude 3189, Latitude 7212 Rugged Extreme Tablet, Latitude 7214 Rugged Extreme, Latitude 3300, Latitude 13 3380, Latitude 3390 2-in-1, Latitude 5414 Rugged, Latitude 5420 Rugged, Latitude 5424 Rugged , Latitude 7414 Rugged, Latitude 7424 Rugged Extreme, Precision 5820 Tower, Dell Precision Tower 3420, Dell Precision Tower 3620, Wyse 5070 Thin Client ...