VAR-202405-3505
Vulnerability from variot - Updated: 2025-02-04 23:33Dell BIOS contains an Improper Input Validation vulnerability. A local authenticated malicious user with admin privileges could potentially exploit this vulnerability, leading to arbitrary code execution. Dell Edge Gateway 5000 firmware, precision 5820 tower firmware, Dell Edge Gateway 3000 Unspecified vulnerabilities exist in multiple Dell products, including firmware.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202405-3505",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "embedded box pc 5000",
"scope": "lt",
"trust": 1.0,
"vendor": "dell",
"version": "1.25.0"
},
{
"model": "precision 3620 tower",
"scope": "lt",
"trust": 1.0,
"vendor": "dell",
"version": "2.30.0"
},
{
"model": "latitude 5290",
"scope": "lt",
"trust": 1.0,
"vendor": "dell",
"version": "1.35.0"
},
{
"model": "latitude 5580",
"scope": "lt",
"trust": 1.0,
"vendor": "dell",
"version": "1.36.0"
},
{
"model": "latitude 7424 rugged extreme",
"scope": "lt",
"trust": 1.0,
"vendor": "dell",
"version": "1.32.0"
},
{
"model": "latitude 5288",
"scope": "lt",
"trust": 1.0,
"vendor": "dell",
"version": "1.36.0"
},
{
"model": "latitude 7280",
"scope": "lt",
"trust": 1.0,
"vendor": "dell",
"version": "1.37.0"
},
{
"model": "precision 5520",
"scope": "lt",
"trust": 1.0,
"vendor": "dell",
"version": "1.38.0"
},
{
"model": "edge gateway 5000",
"scope": "lt",
"trust": 1.0,
"vendor": "dell",
"version": "1.28.0"
},
{
"model": "latitude 3390 2-in-1",
"scope": "lt",
"trust": 1.0,
"vendor": "dell",
"version": "1.31.0"
},
{
"model": "latitude 5400",
"scope": "lt",
"trust": 1.0,
"vendor": "dell",
"version": "1.30.0"
},
{
"model": "latitude 7480",
"scope": "lt",
"trust": 1.0,
"vendor": "dell",
"version": "1.37.0"
},
{
"model": "latitude 7380",
"scope": "lt",
"trust": 1.0,
"vendor": "dell",
"version": "1.37.0"
},
{
"model": "latitude 7414 rugged",
"scope": "lt",
"trust": 1.0,
"vendor": "dell",
"version": "1.46.0"
},
{
"model": "latitude 7290",
"scope": "lt",
"trust": 1.0,
"vendor": "dell",
"version": "1.38.0"
},
{
"model": "latitude 7390",
"scope": "lt",
"trust": 1.0,
"vendor": "dell",
"version": "1.38.0"
},
{
"model": "latitude 5490",
"scope": "lt",
"trust": 1.0,
"vendor": "dell",
"version": "1.35.0"
},
{
"model": "latitude 5420 rugged",
"scope": "lt",
"trust": 1.0,
"vendor": "dell",
"version": "1.32.0"
},
{
"model": "optiplex 7450 all-in-one",
"scope": "lt",
"trust": 1.0,
"vendor": "dell",
"version": "1.32.0"
},
{
"model": "latitude 7285 2-in-1",
"scope": "lt",
"trust": 1.0,
"vendor": "dell",
"version": "1.26.0"
},
{
"model": "latitude 5280",
"scope": "lt",
"trust": 1.0,
"vendor": "dell",
"version": "1.36.0"
},
{
"model": "optiplex 3050 all-in-one",
"scope": "lt",
"trust": 1.0,
"vendor": "dell",
"version": "1.32.0"
},
{
"model": "precision 3420 tower",
"scope": "lt",
"trust": 1.0,
"vendor": "dell",
"version": "2.30.0"
},
{
"model": "latitude 5290 2-in-1",
"scope": "lt",
"trust": 1.0,
"vendor": "dell",
"version": "1.34.0"
},
{
"model": "precision 3520",
"scope": "lt",
"trust": 1.0,
"vendor": "dell",
"version": "1.36.0"
},
{
"model": "latitude 5488",
"scope": "lt",
"trust": 1.0,
"vendor": "dell",
"version": "1.36.0"
},
{
"model": "latitude 7390 2-in-1",
"scope": "lt",
"trust": 1.0,
"vendor": "dell",
"version": "1.35.0"
},
{
"model": "latitude 5424 rugged",
"scope": "lt",
"trust": 1.0,
"vendor": "dell",
"version": "1.32.0"
},
{
"model": "latitude 5590",
"scope": "lt",
"trust": 1.0,
"vendor": "dell",
"version": "1.35.0"
},
{
"model": "latitude 3190",
"scope": "lt",
"trust": 1.0,
"vendor": "dell",
"version": "1.34.0"
},
{
"model": "latitude 3180",
"scope": "lt",
"trust": 1.0,
"vendor": "dell",
"version": "1.29.0"
},
{
"model": "precision 7720",
"scope": "lt",
"trust": 1.0,
"vendor": "dell",
"version": "1.36.0"
},
{
"model": "latitude 7212 rugged extreme tablet",
"scope": "lt",
"trust": 1.0,
"vendor": "dell",
"version": "1.50.0"
},
{
"model": "precision 7520",
"scope": "lt",
"trust": 1.0,
"vendor": "dell",
"version": "1.36.0"
},
{
"model": "latitude 3190 2-in-1",
"scope": "lt",
"trust": 1.0,
"vendor": "dell",
"version": "1.34.0"
},
{
"model": "latitude 12 rugged extreme 7214",
"scope": "lt",
"trust": 1.0,
"vendor": "dell",
"version": "1.46.0"
},
{
"model": "wyse 7040 thin client",
"scope": "lt",
"trust": 1.0,
"vendor": "dell",
"version": "1.25.0"
},
{
"model": "latitude 5480",
"scope": "lt",
"trust": 1.0,
"vendor": "dell",
"version": "1.36.0"
},
{
"model": "latitude 13 3380",
"scope": "lt",
"trust": 1.0,
"vendor": "dell",
"version": "1.27.0"
},
{
"model": "latitude 3189",
"scope": "lt",
"trust": 1.0,
"vendor": "dell",
"version": "1.29.0"
},
{
"model": "wyse 5070",
"scope": "lt",
"trust": 1.0,
"vendor": "dell",
"version": "1.31.0"
},
{
"model": "optiplex 5050",
"scope": "lt",
"trust": 1.0,
"vendor": "dell",
"version": "1.30.0"
},
{
"model": "latitude 7490",
"scope": "lt",
"trust": 1.0,
"vendor": "dell",
"version": "1.38.0"
},
{
"model": "optiplex 3050",
"scope": "lt",
"trust": 1.0,
"vendor": "dell",
"version": "1.30.0"
},
{
"model": "precision 5820 tower",
"scope": "lt",
"trust": 1.0,
"vendor": "dell",
"version": "2.36.0"
},
{
"model": "precision 5530 2-in-1",
"scope": "lt",
"trust": 1.0,
"vendor": "dell",
"version": "1.31.8"
},
{
"model": "latitude 3300",
"scope": "lt",
"trust": 1.0,
"vendor": "dell",
"version": "1.28.0"
},
{
"model": "edge gateway 3000",
"scope": "lt",
"trust": 1.0,
"vendor": "dell",
"version": "1.18.0"
},
{
"model": "latitude 5414 rugged",
"scope": "lt",
"trust": 1.0,
"vendor": "dell",
"version": "1.46.0"
},
{
"model": "embedded box pc 3000",
"scope": "lt",
"trust": 1.0,
"vendor": "dell",
"version": "1.24.0"
},
{
"model": "embedded box pc 5000",
"scope": null,
"trust": 0.8,
"vendor": "\u30c7\u30eb",
"version": null
},
{
"model": "latitude 3189",
"scope": null,
"trust": 0.8,
"vendor": "\u30c7\u30eb",
"version": null
},
{
"model": "latitude 5288",
"scope": null,
"trust": 0.8,
"vendor": "\u30c7\u30eb",
"version": null
},
{
"model": "latitude 3390 2-in-1",
"scope": null,
"trust": 0.8,
"vendor": "\u30c7\u30eb",
"version": null
},
{
"model": "latitude 5400",
"scope": null,
"trust": 0.8,
"vendor": "\u30c7\u30eb",
"version": null
},
{
"model": "latitude 5420 rugged",
"scope": null,
"trust": 0.8,
"vendor": "\u30c7\u30eb",
"version": null
},
{
"model": "latitude 13 3380",
"scope": null,
"trust": 0.8,
"vendor": "\u30c7\u30eb",
"version": null
},
{
"model": "latitude 3190 2-in-1",
"scope": null,
"trust": 0.8,
"vendor": "\u30c7\u30eb",
"version": null
},
{
"model": "dell edge gateway 5000",
"scope": null,
"trust": 0.8,
"vendor": "\u30c7\u30eb",
"version": null
},
{
"model": "latitude 12 rugged extreme 7214",
"scope": null,
"trust": 0.8,
"vendor": "\u30c7\u30eb",
"version": null
},
{
"model": "latitude 3180",
"scope": null,
"trust": 0.8,
"vendor": "\u30c7\u30eb",
"version": null
},
{
"model": "precision 5820 tower",
"scope": null,
"trust": 0.8,
"vendor": "\u30c7\u30eb",
"version": null
},
{
"model": "dell edge gateway 3000",
"scope": null,
"trust": 0.8,
"vendor": "\u30c7\u30eb",
"version": null
},
{
"model": "latitude 5290 2-in-1",
"scope": null,
"trust": 0.8,
"vendor": "\u30c7\u30eb",
"version": null
},
{
"model": "latitude 5414 rugged",
"scope": null,
"trust": 0.8,
"vendor": "\u30c7\u30eb",
"version": null
},
{
"model": "latitude 5290",
"scope": null,
"trust": 0.8,
"vendor": "\u30c7\u30eb",
"version": null
},
{
"model": "latitude 3190",
"scope": null,
"trust": 0.8,
"vendor": "\u30c7\u30eb",
"version": null
},
{
"model": "latitude 5280",
"scope": null,
"trust": 0.8,
"vendor": "\u30c7\u30eb",
"version": null
},
{
"model": "latitude 3300",
"scope": null,
"trust": 0.8,
"vendor": "\u30c7\u30eb",
"version": null
},
{
"model": "embedded box pc 3000",
"scope": null,
"trust": 0.8,
"vendor": "\u30c7\u30eb",
"version": null
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2024-017849"
},
{
"db": "NVD",
"id": "CVE-2024-22429"
}
]
},
"cve": "CVE-2024-22429",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [],
"cvssV3": [
{
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"author": "security_alert@emc.com",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 0.8,
"id": "CVE-2024-22429",
"impactScore": 6.0,
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
{
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 0.8,
"id": "CVE-2024-22429",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
{
"attackComplexity": "Low",
"attackVector": "Local",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 6.7,
"baseSeverity": "Medium",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "CVE-2024-22429",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "High",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "security_alert@emc.com",
"id": "CVE-2024-22429",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "nvd@nist.gov",
"id": "CVE-2024-22429",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "NVD",
"id": "CVE-2024-22429",
"trust": 0.8,
"value": "Medium"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2024-017849"
},
{
"db": "NVD",
"id": "CVE-2024-22429"
},
{
"db": "NVD",
"id": "CVE-2024-22429"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Dell BIOS contains an Improper Input Validation vulnerability. A local authenticated malicious user with admin privileges could potentially exploit this vulnerability, leading to arbitrary code execution. Dell Edge Gateway 5000 firmware, precision 5820 tower firmware, Dell Edge Gateway 3000 Unspecified vulnerabilities exist in multiple Dell products, including firmware.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state",
"sources": [
{
"db": "NVD",
"id": "CVE-2024-22429"
},
{
"db": "JVNDB",
"id": "JVNDB-2024-017849"
}
],
"trust": 1.62
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2024-22429",
"trust": 2.6
},
{
"db": "JVNDB",
"id": "JVNDB-2024-017849",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2024-017849"
},
{
"db": "NVD",
"id": "CVE-2024-22429"
}
]
},
"id": "VAR-202405-3505",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.351984125
},
"last_update_date": "2025-02-04T23:33:52.924000Z",
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-noinfo",
"trust": 1.0
},
{
"problemtype": "CWE-20",
"trust": 1.0
},
{
"problemtype": "Inappropriate input confirmation (CWE-20) [ others ]",
"trust": 0.8
},
{
"problemtype": " Lack of information (CWE-noinfo) [NVD evaluation ]",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2024-017849"
},
{
"db": "NVD",
"id": "CVE-2024-22429"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.8,
"url": "https://www.dell.com/support/kbdoc/en-us/000221102/dsa-2024-020"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2024-22429"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2024-017849"
},
{
"db": "NVD",
"id": "CVE-2024-22429"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "JVNDB",
"id": "JVNDB-2024-017849"
},
{
"db": "NVD",
"id": "CVE-2024-22429"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2025-01-31T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2024-017849"
},
{
"date": "2024-05-17T16:15:07.477000",
"db": "NVD",
"id": "CVE-2024-22429"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2025-01-31T07:37:00",
"db": "JVNDB",
"id": "JVNDB-2024-017849"
},
{
"date": "2025-01-30T15:48:29.167000",
"db": "NVD",
"id": "CVE-2024-22429"
}
]
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Vulnerabilities in multiple Dell products",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2024-017849"
}
],
"trust": 0.8
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…