Description
Dell Client Platform BIOS contains a Use of Default Cryptographic Key Vulnerability. A high-privileged attacker with local access could potentially exploit this vulnerability, leading to Secure Boot bypass and arbitrary code execution.
Scores
CVSS v3: 8.2
EPSS: 0.0001
EPSS Percentile: 1.1%
Attack Vector: LOCAL
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
CISA SSVC
Vulnrichment
Exploitation: none
Automatable: no
Technical Impact: total
Details
CWE: CWE-1392
Status: published
Products (20)
dell/alienware_area_51m_r2_firmware < 1.29.0
dell/alienware_aurora_r13_firmware < 1.21.0
dell/alienware_aurora_r15_amd_firmware < 1.15.0
dell/alienware_aurora_r15_firmware < 1.17.0
dell/alienware_aurora_ryzen_edition_r14_firmware < 2.19.1
dell/alienware_m15_r3_firmware < 1.29.0
dell/alienware_m15_r4_firmware < 1.24.0
dell/alienware_m17_r3_firmware < 1.29.0
dell/alienware_m17_r4_firmware < 1.24.0
dell/alienware_x14_firmware < 1.21.0
... and 10 more
Published: Aug 28, 2024
Tracked Since: Feb 18, 2026