CVE-2024-32855

LOW
Published Jun 25, 2024 Modified Feb 4, 2025 CWE-787

Description

Dell Client Platform BIOS contains an Out-of-bounds Write vulnerability in an externally developed component. A high privileged attacker with local access could potentially exploit this vulnerability, leading to Information tampering.

CVSS v3.1 Score

3.8
LOW
CVSS:3.1/AV:L/AC:H/PR:H/UI:R/S:U/C:L/I:L/A:L

Weakness Type (CWE)

CWE-787 Out-of-bounds Write

Affected Products

Vendor Product
dell inspiron_3480_firmware
dell inspiron_3480
dell inspiron_3580_firmware
dell inspiron_3580
dell latitude_3120_firmware
dell latitude_3120
dell latitude_3190_firmware
dell latitude_3190
dell latitude_3190_2-in-1_firmware
dell latitude_3190_2-in-1
dell latitude_3300_firmware
dell latitude_3300
dell latitude_3310_firmware
dell latitude_3310
dell latitude_3310_2-in-1_firmware
dell latitude_3310_2-in-1
dell latitude_3390_2-in-1_firmware
dell latitude_3390_2-in-1
dell latitude_5288_firmware
dell latitude_5288
dell latitude_5290_firmware
dell latitude_5290
dell latitude_5290_2-in-1_firmware
dell latitude_5290_2-in-1
dell latitude_5300_firmware
dell latitude_5300
dell latitude_5300_2-in-1_firmware
dell latitude_5300_2-in-1
dell latitude_5310_firmware
dell latitude_5310
dell latitude_5310_2-in-1_firmware
dell latitude_5310_2-in-1
dell latitude_5400_firmware
dell latitude_5400
dell latitude_5401_firmware
dell latitude_5401
dell latitude_5410_firmware
dell latitude_5410
dell latitude_5411_firmware
dell latitude_5411
dell latitude_5420_rugged_firmware
dell latitude_5420_rugged
dell latitude_5424_rugged_firmware
dell latitude_5424_rugged
dell latitude_5480_firmware
dell latitude_5480
dell latitude_5488_firmware
dell latitude_5488
dell latitude_5490_firmware
dell latitude_5490
dell latitude_5491_firmware
dell latitude_5491
dell latitude_5500_firmware
dell latitude_5500
dell latitude_5501_firmware
dell latitude_5501
dell latitude_5510_firmware
dell latitude_5510
dell latitude_5511_firmware
dell latitude_5511
dell latitude_5580_firmware
dell latitude_5580
dell latitude_5590_firmware
dell latitude_5590
dell latitude_5591_firmware
dell latitude_5591
dell latitude_7200_2-in-1_firmware
dell latitude_7200_2-in-1
dell latitude_7210_2-in-1_firmware
dell latitude_7210_2-in-1
dell latitude_7212_rugged_extreme_tablet_firmware
dell latitude_7212_rugged_extreme_tablet
dell latitude_7220_rugged_extreme_firmware
dell latitude_7220_rugged_extreme
dell latitude_7280_firmware
dell latitude_7280
dell latitude_7290_firmware
dell latitude_7290
dell latitude_7300_firmware
dell latitude_7300
dell latitude_7310_firmware
dell latitude_7310
dell latitude_7380_firmware
dell latitude_7380
dell latitude_7390_firmware
dell latitude_7390
dell latitude_7390_2-in-1_firmware
dell latitude_7390_2-in-1
dell latitude_7400_firmware
dell latitude_7400
dell latitude_7400_2-in-1_firmware
dell latitude_7400_2-in-1
dell latitude_7410_firmware
dell latitude_7410
dell latitude_7424_rugged_extreme_firmware
dell latitude_7424_rugged_extreme
dell latitude_7480_firmware
dell latitude_7480
dell latitude_7490_firmware
dell latitude_7490
dell latitude_9410_firmware
dell latitude_9410
dell latitude_9510_2in1_firmware
dell latitude_9510_2in1
dell latitude_rugged_7220ex_firmware
dell latitude_rugged_7220ex
dell precision_3520_firmware
dell precision_3520
dell precision_3530_firmware
dell precision_3530
dell precision_3540_firmware
dell precision_3540
dell precision_3541_firmware
dell precision_3541
dell precision_3550_firmware
dell precision_3550
dell precision_3551_firmware
dell precision_3551
dell precision_5530_firmware
dell precision_5530
dell precision_5530_2-in-1_firmware
dell precision_5530_2-in-1
dell precision_5540_firmware
dell precision_5540
dell precision_7530_firmware
dell precision_7530
dell precision_7540_firmware
dell precision_7540
dell precision_7550_firmware
dell precision_7550
dell precision_7730_firmware
dell precision_7730
dell precision_7740_firmware
dell precision_7740
dell precision_7750_firmware
dell precision_7750
dell vostro_3480_firmware
dell vostro_3480
dell vostro_3580_firmware
dell vostro_3580
dell vostro_3583_firmware
dell vostro_3583
dell wyse_5470_firmware
dell wyse_5470
dell wyse_5470_all-in-one_firmware
dell wyse_5470_all-in-one
dell xps_15_7590_firmware
dell xps_15_7590

References

Frequently Asked Questions

What is CVE-2024-32855? +
Dell Client Platform BIOS contains an Out-of-bounds Write vulnerability in an externally developed component. A high privileged attacker with local access could potentially exploit this vulnerability, leading to Information tampering. It has a CVSS v3.1 base score of 3.8 (LOW).
How severe is CVE-2024-32855? +
CVE-2024-32855 has a CVSS v3.1 score of 3.8 out of 10, rated LOW. This is a low-severity vulnerability with limited impact.
What products are affected by CVE-2024-32855? +
CVE-2024-32855 affects products from dell, specifically: inspiron_3480, inspiron_3480_firmware, inspiron_3580, inspiron_3580_firmware, latitude_3120, latitude_3120_firmware, latitude_3190, latitude_3190_2-in-1, latitude_3190_2-in-1_firmware, latitude_3190_firmware, latitude_3300, latitude_3300_firmware, latitude_3310, latitude_3310_2-in-1, latitude_3310_2-in-1_firmware, latitude_3310_firmware, latitude_3390_2-in-1, latitude_3390_2-in-1_firmware, latitude_5288, latitude_5288_firmware, latitude_5290, latitude_5290_2-in-1, latitude_5290_2-in-1_firmware, latitude_5290_firmware, latitude_5300, latitude_5300_2-in-1, latitude_5300_2-in-1_firmware, latitude_5300_firmware, latitude_5310, latitude_5310_2-in-1, latitude_5310_2-in-1_firmware, latitude_5310_firmware, latitude_5400, latitude_5400_firmware, latitude_5401, latitude_5401_firmware, latitude_5410, latitude_5410_firmware, latitude_5411, latitude_5411_firmware, latitude_5420_rugged, latitude_5420_rugged_firmware, latitude_5424_rugged, latitude_5424_rugged_firmware, latitude_5480, latitude_5480_firmware, latitude_5488, latitude_5488_firmware, latitude_5490, latitude_5490_firmware, latitude_5491, latitude_5491_firmware, latitude_5500, latitude_5500_firmware, latitude_5501, latitude_5501_firmware, latitude_5510, latitude_5510_firmware, latitude_5511, latitude_5511_firmware, latitude_5580, latitude_5580_firmware, latitude_5590, latitude_5590_firmware, latitude_5591, latitude_5591_firmware, latitude_7200_2-in-1, latitude_7200_2-in-1_firmware, latitude_7210_2-in-1, latitude_7210_2-in-1_firmware, latitude_7212_rugged_extreme_tablet, latitude_7212_rugged_extreme_tablet_firmware, latitude_7220_rugged_extreme, latitude_7220_rugged_extreme_firmware, latitude_7280, latitude_7280_firmware, latitude_7290, latitude_7290_firmware, latitude_7300, latitude_7300_firmware, latitude_7310, latitude_7310_firmware, latitude_7380, latitude_7380_firmware, latitude_7390, latitude_7390_2-in-1, latitude_7390_2-in-1_firmware, latitude_7390_firmware, latitude_7400, latitude_7400_2-in-1, latitude_7400_2-in-1_firmware, latitude_7400_firmware, latitude_7410, latitude_7410_firmware, latitude_7424_rugged_extreme, latitude_7424_rugged_extreme_firmware, latitude_7480, latitude_7480_firmware, latitude_7490, latitude_7490_firmware, latitude_9410, latitude_9410_firmware, latitude_9510_2in1, latitude_9510_2in1_firmware, latitude_rugged_7220ex, latitude_rugged_7220ex_firmware, precision_3520, precision_3520_firmware, precision_3530, precision_3530_firmware, precision_3540, precision_3540_firmware, precision_3541, precision_3541_firmware, precision_3550, precision_3550_firmware, precision_3551, precision_3551_firmware, precision_5530, precision_5530_2-in-1, precision_5530_2-in-1_firmware, precision_5530_firmware, precision_5540, precision_5540_firmware, precision_7530, precision_7530_firmware, precision_7540, precision_7540_firmware, precision_7550, precision_7550_firmware, precision_7730, precision_7730_firmware, precision_7740, precision_7740_firmware, precision_7750, precision_7750_firmware, vostro_3480, vostro_3480_firmware, vostro_3580, vostro_3580_firmware, vostro_3583, vostro_3583_firmware, wyse_5470, wyse_5470_all-in-one, wyse_5470_all-in-one_firmware, wyse_5470_firmware, xps_15_7590, xps_15_7590_firmware. Check the affected products table above for specific version ranges.
How do I check if I'm vulnerable to CVE-2024-32855? +
You can use Secably's free Website Scanner to check your website for known vulnerabilities. For infrastructure scanning, use the Port Scanner to identify exposed services that may be affected. Check the vendor advisories linked above for specific patch and version information.

Related Vulnerabilities

Don't wait for an exploit

Scan your website for vulnerabilities like CVE-2024-32855 — free, no signup required.

Start Free Scan