CVE-2025-36600
HIGHDescription
Dell Client Platform BIOS contains an Improper Access Control Applied to Mirrored or Aliased Memory Regions vulnerability in an externally developed component. A high privileged attacker with local access could potentially exploit this vulnerability, leading to Code execution.
Is your site exposed to CVE-2025-36600?
Run a free security scan — no signup, results in seconds.
CVSS v3.1 Score
Weakness Type (CWE)
Affected Products
| Vendor | Product |
|---|---|
| dell | latitude_12_rugged_extreme_7214_firmware |
| dell | latitude_12_rugged_extreme_7214 |
References
Advisories & Patches
Frequently Asked Questions
What is CVE-2025-36600? +
How severe is CVE-2025-36600? +
What products are affected by CVE-2025-36600? +
How do I check if I'm vulnerable to CVE-2025-36600? +
Related Vulnerabilities
memory corruption while loading a PIL authenticated VM, when authenticated VM image is loaded without maintaining cache coherency.
Dell PowerFlex appliance versions prior to IC 46.381.00 and IC 46.376.00, Dell PowerFlex rack versions prior to RCM 3.8.1.0 (for …
Dell ECS versions 3.8.1.0 through 3.8.1.7 and Dell ObjectScale versions prior to 4.3.0.0, contains a use of hard-coded credentials vulnerability. …
Dell PowerProtect Data Domain with Data Domain Operating System (DD OS) of Feature Release versions 7.7.1.0 through 8.3.0.15, LTS2024 release …
Dell Storage Center - Dell Storage Manager, version(s) 20.1.21, contain(s) an Improper Authentication vulnerability. An unauthenticated attacker with remote access …
Dell Wyse Management Suite, versions prior to WMS 5.5 HF1, contain an Acceptance of Extraneous Untrusted Data With Trusted Data …