Article Number: 000221102
DSA-2024-020: Security Update for Dell Client Platform for an Improper Input Validation Vulnerability
Summary: Dell Client Platform remediation is available for an Improper Input Validation Vulnerability that could be exploited by malicious users to compromise the affected systems.
Article Content
Impact
High
Details
| Proprietary Code CVEs | Description | CVSS Base Score | CVSS Vector String |
| CVE-2024-22429 | Dell BIOS contains an Improper Input Validation vulnerability. A local authenticated malicious user with admin privileges could potentially exploit this vulnerability, leading to arbitrary code execution. | 7.5 |
CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H |
| Proprietary Code CVEs | Description | CVSS Base Score | CVSS Vector String |
| CVE-2024-22429 | Dell BIOS contains an Improper Input Validation vulnerability. A local authenticated malicious user with admin privileges could potentially exploit this vulnerability, leading to arbitrary code execution. | 7.5 |
CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H |
Affected Products and Remediation
| Product | Software/Firmware | Affected Versions | Remediated Versions | Release Date (MM/DD/YYYY) | Link |
|---|---|---|---|---|---|
| Dell Edge Gateway 5000 | BIOS | Versions prior to 1.28.0 | Versions 1.28.0 or later | 05/21/2024 | Go to the Drivers & Downloads site for updates |
| Dell Precision 5820 Tower | BIOS | Versions prior to 2.36.0 | Versions 2.36.0 or later | 05/10/2024 | Go to the Drivers & Downloads site for updates |
| Edge Gateway 3000 series | BIOS | Versions prior to 1.18.0 | Versions 1.18.0 or later | 05/13/2024 | Go to the Drivers & Downloads site for updates |
| Embedded Box PC 3000 | BIOS | Versions prior to 1.24.0 | Versions 1.24.0 or later | 05/14/2024 | Go to the Drivers & Downloads site for updates |
| Embedded Box PC 5000 | BIOS | Versions prior to 1.25.0 | Versions 1.25.0 or later | 05/14/2024 | Go to the Drivers & Downloads site for updates |
| Latitude 12 Rugged Extreme 7214 | BIOS | Versions prior to 1.46.0 | Versions 1.46.0 or later | 05/08/2024 | Go to the Drivers & Downloads site for updates |
| Latitude 13 3380 | BIOS | Versions prior to 1.27.0 | Versions 1.27.0 or later | 05/06/2024 | Go to the Drivers & Downloads site for updates |
| Latitude 3180 | BIOS | Versions prior to 1.29.0 | Versions 1.29.0 or later | 05/07/2024 | Go to the Drivers & Downloads site for updates |
| Latitude 3189 | BIOS | Versions prior to 1.29.0 | Versions 1.29.0 or later | 05/07/2024 | Go to the Drivers & Downloads site for updates |
| Latitude 3190 | BIOS | Versions prior to 1.34.0 | Versions 1.34.0 or later | 05/23/2024 | Go to the Drivers & Downloads site for updates |
| Latitude 3190 2-in-1 | BIOS | Versions prior to 1.34.0 | Versions 1.34.0 or later | 05/23/2024 | Go to the Drivers & Downloads site for updates |
| Latitude 3300 | BIOS | Versions prior to 1.28.0 | Versions 1.28.0 or later | 05/06/2024 | Go to the Drivers & Downloads site for updates |
| Latitude 3390 2-in-1 | BIOS | Versions prior to 1.31.0 | Versions 1.31.0 or later | 05/06/2024 | Go to the Drivers & Downloads site for updates |
| Latitude 5280 | BIOS | Versions prior to 1.36.0 | Versions 1.36.0 or later | 05/22/2024 | Go to the Drivers & Downloads site for updates |
| Latitude 5288 | BIOS | Versions prior to 1.36.0 | Versions 1.36.0 or later | 05/22/2024 | Go to the Drivers & Downloads site for updates |
| Latitude 5290 | BIOS | Versions prior to 1.35.0 | Versions 1.35.0 or later | 05/22/2024 | Go to the Drivers & Downloads site for updates |
| Latitude 5290 2-in-1 | BIOS | Versions prior to 1.34.0 | Versions 1.34.0 or later | 05/23/2024 | Go to the Drivers & Downloads site for updates |
| Latitude 5400 | BIOS | Versions prior to 1.30.0 | Versions 1.30.0 or later | 05/23/2024 | Go to the Drivers & Downloads site for updates |
| Latitude 5414 Rugged | BIOS | Versions prior to 1.46.0 | Versions 1.46.0 or later | 05/08/2024 | Go to the Drivers & Downloads site for updates |
| Latitude 5420 Rugged | BIOS | Versions prior to 1.32.0 | Versions 1.32.0 or later | 05/08/2024 | Go to the Drivers & Downloads site for updates |
| Latitude 5424 Rugged | BIOS | Versions prior to 1.32.0 | Versions 1.32.0 or later | 05/08/2024 | Go to the Drivers & Downloads site for updates |
| Latitude 5480 | BIOS | Versions prior to 1.36.0 | Versions 1.36.0 or later | 05/22/2024 | Go to the Drivers & Downloads site for updates |
| Latitude 5488 | BIOS | Versions prior to 1.36.0 | Versions 1.36.0 or later | 05/22/2024 | Go to the Drivers & Downloads site for updates |
| Latitude 5490 | BIOS | Versions prior to 1.35.0 | Versions 1.35.0 or later | 05/22/2024 | Go to the Drivers & Downloads site for updates |
| Latitude 5580 | BIOS | Versions prior to 1.36.0 | Versions 1.36.0 or later | 05/22/2024 | Go to the Drivers & Downloads site for updates |
| Latitude 5590 | BIOS | Versions prior to 1.35.0 | Versions 1.35.0 or later | 05/22/2024 | Go to the Drivers & Downloads site for updates |
| Latitude 7212 Rugged Extreme Tablet | BIOS | Versions prior to 1.50.0 | Versions 1.50.0 or later | 05/08/2024 | Go to the Drivers & Downloads site for updates |
| Latitude 7280 | BIOS | Versions prior to 1.37.0 | Versions 1.37.0 or later | 05/22/2024 | Go to the Drivers & Downloads site for updates |
| Latitude 7285 2-in-1 | BIOS | Versions prior to 1.26.0 | Versions 1.26.0 or later | 05/14/2024 | Go to the Drivers & Downloads site for updates |
| Latitude 7290 | BIOS | Versions prior to 1.38.0 | Versions 1.38.0 or later | 05/23/2024 | Go to the Drivers & Downloads site for updates |
| Latitude 7380 | BIOS | Versions prior to 1.37.0 | Versions 1.37.0 or later | 05/22/2024 | Go to the Drivers & Downloads site for updates |
| Latitude 7390 | BIOS | Versions prior to 1.38.0 | Versions 1.38.0 or later | 05/23/2024 | Go to the Drivers & Downloads site for updates |
| Latitude 7390 2-IN-1 | BIOS | Versions prior to 1.35.0 | Versions 1.35.0 or later | 05/23/2024 | Go to the Drivers & Downloads site for updates |
| Latitude 7414 Rugged | BIOS | Versions prior to 1.46.0 | Versions 1.46.0 or later | 05/08/2024 | Go to the Drivers & Downloads site for updates |
| Latitude 7424 Rugged Extreme | BIOS | Versions prior to 1.32.0 | Versions 1.32.0 or later | 05/08/2024 | Go to the Drivers & Downloads site for updates |
| Latitude 7480 | BIOS | Versions prior to 1.37.0 | Versions 1.37.0 or later | 05/22/2024 | Go to the Drivers & Downloads site for updates |
| Latitude 7490 | BIOS | Versions prior to 1.38.0 | Versions 1.38.0 or later | 05/23/2024 | Go to the Drivers & Downloads site for updates |
| OptiPlex 3050 | BIOS | Versions prior to 1.30.0 | Versions 1.30.0 or later | 05/14/2024 | Go to the Drivers & Downloads site for updates |
| OptiPlex 3050 All-In-One | BIOS | Versions prior to 1.32.0 | Versions 1.32.0 or later | 05/14/2024 | Go to the Drivers & Downloads site for updates |
| OptiPlex 5050 | BIOS | Versions prior to 1.30.0 | Versions 1.30.0 or later | 05/14/2024 | Go to the Drivers & Downloads site for updates |
| OptiPlex 7450 All-In-One | BIOS | Versions prior to 1.32.0 | Versions 1.32.0 or later | 05/14/2024 | Go to the Drivers & Downloads site for updates |
| Precision 3420 Tower | BIOS | Versions prior to 2.30.0 | Versions 2.30.0 or later | 05/13/2024 | Go to the Drivers & Downloads site for updates |
| Precision 3520 | BIOS | Versions prior to 1.36.0 | Versions 1.36.0 or later | 05/22/2024 | Go to the Drivers & Downloads site for updates |
| Precision 3620 Tower | BIOS | Versions prior to 2.30.0 | Versions 2.30.0 or later | 05/13/2024 | Go to the Drivers & Downloads site for updates |
| Precision 5520 | BIOS | Versions prior to 1.38.0 | Versions 1.38.0 or later | 05/22/2024 | Go to the Drivers & Downloads site for updates |
| Precision 5530 2-In-1 | BIOS | Versions prior to 1.31.8 | Versions 1.31.8 or later | 05/23/2024 | Go to the Drivers & Downloads site for updates |
| Precision 7520 | BIOS | Versions prior to 1.36.0 | Versions 1.36.0 or later | 05/21/2024 | Go to the Drivers & Downloads site for updates |
| Precision 7720 | BIOS | Versions prior to 1.36.0 | Versions 1.36.0 or later | 05/21/2024 | Go to the Drivers & Downloads site for updates |
| Wyse 5070 | BIOS | Versions prior to 1.31.0 | Versions 1.31.0 or later | 05/10/2024 | Go to the Drivers & Downloads site for updates |
| Wyse 7040 Thin Client | BIOS | Versions prior to 1.25.0 | Versions 1.25.0 or later | 05/21/2024 | Go to the Drivers & Downloads site for updates |
| Product | Software/Firmware | Affected Versions | Remediated Versions | Release Date (MM/DD/YYYY) | Link |
|---|---|---|---|---|---|
| Dell Edge Gateway 5000 | BIOS | Versions prior to 1.28.0 | Versions 1.28.0 or later | 05/21/2024 | Go to the Drivers & Downloads site for updates |
| Dell Precision 5820 Tower | BIOS | Versions prior to 2.36.0 | Versions 2.36.0 or later | 05/10/2024 | Go to the Drivers & Downloads site for updates |
| Edge Gateway 3000 series | BIOS | Versions prior to 1.18.0 | Versions 1.18.0 or later | 05/13/2024 | Go to the Drivers & Downloads site for updates |
| Embedded Box PC 3000 | BIOS | Versions prior to 1.24.0 | Versions 1.24.0 or later | 05/14/2024 | Go to the Drivers & Downloads site for updates |
| Embedded Box PC 5000 | BIOS | Versions prior to 1.25.0 | Versions 1.25.0 or later | 05/14/2024 | Go to the Drivers & Downloads site for updates |
| Latitude 12 Rugged Extreme 7214 | BIOS | Versions prior to 1.46.0 | Versions 1.46.0 or later | 05/08/2024 | Go to the Drivers & Downloads site for updates |
| Latitude 13 3380 | BIOS | Versions prior to 1.27.0 | Versions 1.27.0 or later | 05/06/2024 | Go to the Drivers & Downloads site for updates |
| Latitude 3180 | BIOS | Versions prior to 1.29.0 | Versions 1.29.0 or later | 05/07/2024 | Go to the Drivers & Downloads site for updates |
| Latitude 3189 | BIOS | Versions prior to 1.29.0 | Versions 1.29.0 or later | 05/07/2024 | Go to the Drivers & Downloads site for updates |
| Latitude 3190 | BIOS | Versions prior to 1.34.0 | Versions 1.34.0 or later | 05/23/2024 | Go to the Drivers & Downloads site for updates |
| Latitude 3190 2-in-1 | BIOS | Versions prior to 1.34.0 | Versions 1.34.0 or later | 05/23/2024 | Go to the Drivers & Downloads site for updates |
| Latitude 3300 | BIOS | Versions prior to 1.28.0 | Versions 1.28.0 or later | 05/06/2024 | Go to the Drivers & Downloads site for updates |
| Latitude 3390 2-in-1 | BIOS | Versions prior to 1.31.0 | Versions 1.31.0 or later | 05/06/2024 | Go to the Drivers & Downloads site for updates |
| Latitude 5280 | BIOS | Versions prior to 1.36.0 | Versions 1.36.0 or later | 05/22/2024 | Go to the Drivers & Downloads site for updates |
| Latitude 5288 | BIOS | Versions prior to 1.36.0 | Versions 1.36.0 or later | 05/22/2024 | Go to the Drivers & Downloads site for updates |
| Latitude 5290 | BIOS | Versions prior to 1.35.0 | Versions 1.35.0 or later | 05/22/2024 | Go to the Drivers & Downloads site for updates |
| Latitude 5290 2-in-1 | BIOS | Versions prior to 1.34.0 | Versions 1.34.0 or later | 05/23/2024 | Go to the Drivers & Downloads site for updates |
| Latitude 5400 | BIOS | Versions prior to 1.30.0 | Versions 1.30.0 or later | 05/23/2024 | Go to the Drivers & Downloads site for updates |
| Latitude 5414 Rugged | BIOS | Versions prior to 1.46.0 | Versions 1.46.0 or later | 05/08/2024 | Go to the Drivers & Downloads site for updates |
| Latitude 5420 Rugged | BIOS | Versions prior to 1.32.0 | Versions 1.32.0 or later | 05/08/2024 | Go to the Drivers & Downloads site for updates |
| Latitude 5424 Rugged | BIOS | Versions prior to 1.32.0 | Versions 1.32.0 or later | 05/08/2024 | Go to the Drivers & Downloads site for updates |
| Latitude 5480 | BIOS | Versions prior to 1.36.0 | Versions 1.36.0 or later | 05/22/2024 | Go to the Drivers & Downloads site for updates |
| Latitude 5488 | BIOS | Versions prior to 1.36.0 | Versions 1.36.0 or later | 05/22/2024 | Go to the Drivers & Downloads site for updates |
| Latitude 5490 | BIOS | Versions prior to 1.35.0 | Versions 1.35.0 or later | 05/22/2024 | Go to the Drivers & Downloads site for updates |
| Latitude 5580 | BIOS | Versions prior to 1.36.0 | Versions 1.36.0 or later | 05/22/2024 | Go to the Drivers & Downloads site for updates |
| Latitude 5590 | BIOS | Versions prior to 1.35.0 | Versions 1.35.0 or later | 05/22/2024 | Go to the Drivers & Downloads site for updates |
| Latitude 7212 Rugged Extreme Tablet | BIOS | Versions prior to 1.50.0 | Versions 1.50.0 or later | 05/08/2024 | Go to the Drivers & Downloads site for updates |
| Latitude 7280 | BIOS | Versions prior to 1.37.0 | Versions 1.37.0 or later | 05/22/2024 | Go to the Drivers & Downloads site for updates |
| Latitude 7285 2-in-1 | BIOS | Versions prior to 1.26.0 | Versions 1.26.0 or later | 05/14/2024 | Go to the Drivers & Downloads site for updates |
| Latitude 7290 | BIOS | Versions prior to 1.38.0 | Versions 1.38.0 or later | 05/23/2024 | Go to the Drivers & Downloads site for updates |
| Latitude 7380 | BIOS | Versions prior to 1.37.0 | Versions 1.37.0 or later | 05/22/2024 | Go to the Drivers & Downloads site for updates |
| Latitude 7390 | BIOS | Versions prior to 1.38.0 | Versions 1.38.0 or later | 05/23/2024 | Go to the Drivers & Downloads site for updates |
| Latitude 7390 2-IN-1 | BIOS | Versions prior to 1.35.0 | Versions 1.35.0 or later | 05/23/2024 | Go to the Drivers & Downloads site for updates |
| Latitude 7414 Rugged | BIOS | Versions prior to 1.46.0 | Versions 1.46.0 or later | 05/08/2024 | Go to the Drivers & Downloads site for updates |
| Latitude 7424 Rugged Extreme | BIOS | Versions prior to 1.32.0 | Versions 1.32.0 or later | 05/08/2024 | Go to the Drivers & Downloads site for updates |
| Latitude 7480 | BIOS | Versions prior to 1.37.0 | Versions 1.37.0 or later | 05/22/2024 | Go to the Drivers & Downloads site for updates |
| Latitude 7490 | BIOS | Versions prior to 1.38.0 | Versions 1.38.0 or later | 05/23/2024 | Go to the Drivers & Downloads site for updates |
| OptiPlex 3050 | BIOS | Versions prior to 1.30.0 | Versions 1.30.0 or later | 05/14/2024 | Go to the Drivers & Downloads site for updates |
| OptiPlex 3050 All-In-One | BIOS | Versions prior to 1.32.0 | Versions 1.32.0 or later | 05/14/2024 | Go to the Drivers & Downloads site for updates |
| OptiPlex 5050 | BIOS | Versions prior to 1.30.0 | Versions 1.30.0 or later | 05/14/2024 | Go to the Drivers & Downloads site for updates |
| OptiPlex 7450 All-In-One | BIOS | Versions prior to 1.32.0 | Versions 1.32.0 or later | 05/14/2024 | Go to the Drivers & Downloads site for updates |
| Precision 3420 Tower | BIOS | Versions prior to 2.30.0 | Versions 2.30.0 or later | 05/13/2024 | Go to the Drivers & Downloads site for updates |
| Precision 3520 | BIOS | Versions prior to 1.36.0 | Versions 1.36.0 or later | 05/22/2024 | Go to the Drivers & Downloads site for updates |
| Precision 3620 Tower | BIOS | Versions prior to 2.30.0 | Versions 2.30.0 or later | 05/13/2024 | Go to the Drivers & Downloads site for updates |
| Precision 5520 | BIOS | Versions prior to 1.38.0 | Versions 1.38.0 or later | 05/22/2024 | Go to the Drivers & Downloads site for updates |
| Precision 5530 2-In-1 | BIOS | Versions prior to 1.31.8 | Versions 1.31.8 or later | 05/23/2024 | Go to the Drivers & Downloads site for updates |
| Precision 7520 | BIOS | Versions prior to 1.36.0 | Versions 1.36.0 or later | 05/21/2024 | Go to the Drivers & Downloads site for updates |
| Precision 7720 | BIOS | Versions prior to 1.36.0 | Versions 1.36.0 or later | 05/21/2024 | Go to the Drivers & Downloads site for updates |
| Wyse 5070 | BIOS | Versions prior to 1.31.0 | Versions 1.31.0 or later | 05/10/2024 | Go to the Drivers & Downloads site for updates |
| Wyse 7040 Thin Client | BIOS | Versions prior to 1.25.0 | Versions 1.25.0 or later | 05/21/2024 | Go to the Drivers & Downloads site for updates |
Workarounds and Mitigations
None
Acknowledgements
CVE-2024-22429: Dell would like to thank schur of BUPT, Dubhe Lab for reporting this issue.
Revision History
| Revision | Date | Description |
|---|---|---|
| 1.0 | 2024-05-14 | Initial Release |
| 2.0 | 2024-05-17 | Added Revision history section |
| 3.0 | 2024-05-28 | Final Platform update |
Related Information
Legal Information
Article Properties
Affected Product
Dell Edge Gateway 3000 Series, Dell Edge Gateway 5000, Dell Embedded Box PC 3000, Dell Embedded Box PC 5000, Latitude 3180, Latitude 3189, Latitude 3190 2-in-1, Latitude 3190, Latitude 5280/5288, Latitude 5290 2-in-1, Latitude 5290
, Latitude 7212 Rugged Extreme Tablet, Latitude 7214 Rugged Extreme, Latitude 7280, Latitude 7285 2-in-1, Latitude 7290, Latitude 3300, Latitude 13 3380, Latitude 3390 2-in-1, Latitude 7380, Latitude 7390 2-in-1, Latitude 7390, Latitude 5400, Latitude 5414 Rugged, Latitude 5420 Rugged, Latitude 5424 Rugged, Latitude 5480/5488, Latitude 5490, Latitude 7414 Rugged, Latitude 7424 Rugged Extreme, Latitude 7480, Latitude 7490, OptiPlex 3050 All-In-One, OptiPlex 3050 Tower, OptiPlex 3050 Micro, OptiPlex 3050 Small Form Factor, OptiPlex 5050 Tower, OptiPlex 5050 Micro, OptiPlex 5050 Small Form Factor, OptiPlex 7450 All-In-One, Precision 3520, Precision 5520, Precision 5530 2 in 1, Precision 7520, Precision 7720, Precision 5820 Tower, Dell Precision Tower 3420, Dell Precision Tower 3620, Wyse 5070 Thin Client, Wyse 7040 Thin Client
...
Last Published Date
28 May 2024
Version
3
Article Type
Dell Security Advisory