CVE-2025-29989
LOWDescription
Dell Client Platform BIOS contains a Security Version Number Mutable to Older Versions vulnerability. A high privileged attacker with local access could potentially exploit this vulnerability, leading to BIOS upgrade denial.
CVSS v3.1 Score
Weakness Type (CWE)
Affected Products
| Vendor | Product |
|---|---|
| dell | precision_5820_tower_firmware |
| dell | precision_5820_tower |
| dell | precision_7820_tower_firmware |
| dell | precision_7820_tower |
| dell | precision_7920_tower_firmware |
| dell | precision_7920_tower |
| dell | precision_7865_tower_firmware |
| dell | precision_7865_tower |
References
Advisories & Patches
Frequently Asked Questions
What is CVE-2025-29989? +
How severe is CVE-2025-29989? +
What products are affected by CVE-2025-29989? +
How do I check if I'm vulnerable to CVE-2025-29989? +
Related Vulnerabilities
Autel MaxiCharger AC Wallbox Commercial Firmware Downgrade Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code …
Tesla Wall Connector Firmware Downgrade Vulnerability. This vulnerability allows physically present attackers to execute arbitrary code on affected installations of …
An improper access control vulnerability exists in Bitdefender Box 1 (firmware version 1.3.52.928 and below) that allows an unauthenticated attacker …
A new feature to prevent Firmware downgrades was recently added to some Lexmark products. A method to override this downgrade …
Dell PowerFlex appliance versions prior to IC 46.381.00 and IC 46.376.00, Dell PowerFlex rack versions prior to RCM 3.8.1.0 (for …
Dell OS10 Networking Switches running 10.5.2.x and above contain an OS command injection vulnerability when using remote user authentication. A …