Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CVE-2024-42424

CVSS 5.3 · Medium EPSS 0.05% · P14
Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2024-42424

Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Description
Dell Precision Rack, 14G Intel BIOS versions prior to 2.22.2, contains an Improper Input Validation vulnerability. A high privileged attacker with local access could potentially exploit this vulnerability, leading to Information disclosure.
Source: NVD (National Vulnerability Database)
CVSS Information
CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:N/A:N
Source: NVD (National Vulnerability Database)
Vulnerability Type
输入验证不恰当
Source: NVD (National Vulnerability Database)
Vulnerability Title
Dell Precision Rack BIOS 输入验证错误漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
Dell Precision Rack BIOS是美国戴尔(Dell)公司的高性能工作站产品的BIOS工具。 Dell Precision Rack BIOS存在输入验证错误漏洞,该漏洞源于不正确的输入验证。具有本地访问权限的高特权攻击者利用该漏洞可以导致信息泄露。
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)

Affected Products

VendorProductAffected VersionsCPESubscribe
DellDell Precision Rack BIOS N/A ~ 2.22.1 -

II. Public POCs for CVE-2024-42424

#POC DescriptionSource LinkShenlong Link
AI-Generated POCPremium

No public POC found.

Login to generate AI POC

III. Intelligence Information for CVE-2024-42424

登录查看更多情报信息。

Same Patch Batch · Dell · 2024-09-10 · 9 CVEs total

CVE-2024-395838.1 HIGHDell InsightIQ 加密问题漏洞
CVE-2024-424277.6 HIGHDell ThinOS 安全漏洞
CVE-2024-395817.3 HIGHDell InsightIQ 安全漏洞
CVE-2024-395806.7 MEDIUMDell InsightIQ 访问控制错误漏洞
CVE-2024-395746.7 MEDIUMDell InsightIQ 安全漏洞
CVE-2024-424236.1 MEDIUMDell ThinOS 安全漏洞
CVE-2024-424253.8 LOWDell Precision Rack BIOS 安全漏洞
CVE-2024-395822.3 LOWDell InsightIQ 信任管理问题漏洞

IV. Related Vulnerabilities

Same product: Dell Precision Rack BIOS
Same vendor: Dell
Same weakness: CWE-20

V. Comments for CVE-2024-42424

No comments yet

Leave a comment