DSA-2024-354: Security Update for a Dell Client Platform BIOS for a Use of Default Cryptographic Key Vulnerability

Table of Contents

Detailed Article

Impact

Details

Affected Products & Remediation

Workarounds & Mitigations

Revision History

Acknowledgements

Related Info

Legal Disclaimer

Affected Products

Provide Feedback

Summary: Dell Client Platform BIOS remediation is available for a Use of Default Cryptographic Key vulnerability that could be exploited by malicious users to compromise the affected system.

This article applies to This article does not apply to This article is not tied to any specific product. Not all product versions are identified in this article.

Check out other resources

Impact

High

Details

Proprietary Code CVEs	Description	CVSS Base Score	CVSS Vector String
CVE-2024-39584	Dell Client Platform BIOS contains a Use of Default Cryptographic Key Vulnerability. A high privileged attacker with local access could potentially exploit this vulnerability, leading to Secure Boot bypass and arbitrary code execution.	8.2	CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H

Proprietary Code CVEs	Description	CVSS Base Score	CVSS Vector String
CVE-2024-39584	Dell Client Platform BIOS contains a Use of Default Cryptographic Key Vulnerability. A high privileged attacker with local access could potentially exploit this vulnerability, leading to Secure Boot bypass and arbitrary code execution.	8.2	CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H

Dell Technologies recommends all customers consider both the CVSS base score and any relevant temporal and environmental scores that may impact the potential severity associated with a particular security vulnerability.

Affected Products & Remediation

Product	Software/Firmware	Affected Versions	Remediated Versions	Release Date (MM/DD/YYYY)	Link
Alienware Area 51m R2	BIOS	Versions prior to 1.29.0	Versions 1.29.0 or later	08/27/2024	Go to the Drivers & Downloads site for updates
Alienware Aurora R13	BIOS	Versions prior to 1.21.0	Versions 1.21.0 or later	09/06/2024	Go to the Drivers & Downloads site for updates
Alienware Aurora R15	BIOS	Versions prior to 1.17.0	Versions 1.17.0 or later	10/22/2024	Go to the Drivers & Downloads site for updates
Alienware Aurora R15 AMD	BIOS	Versions prior to 1.15.0	Versions 1.15.0 or later	08/27/2024	Go to the Drivers & Downloads site for updates
Alienware Aurora Ryzen Edition R14	BIOS	Versions prior to 2.19.1	Versions 2.19.1 or later	09/06/2024	Go to the Drivers & Downloads site for updates
Alienware m15 R3	BIOS	Versions prior to 1.29.0	Versions 1.29.0 or later	08/27/2024	Go to the Drivers & Downloads site for updates
Alienware m15 R4	BIOS	Versions prior to 1.24.0	Versions 1.24.0 or later	08/28/2024	Go to the Drivers & Downloads site for updates
Alienware m17 R3	BIOS	Versions prior to 1.29.0	Versions 1.29.0 or later	08/27/2024	Go to the Drivers & Downloads site for updates
Alienware m17 R4	BIOS	Versions prior to 1.24.0	Versions 1.24.0 or later	08/28/2024	Go to the Drivers & Downloads site for updates
Alienware x14	BIOS	Versions prior to 1.21.0	Versions 1.21.0 or later	08/27/2024	Go to the Drivers & Downloads site for updates
Alienware x15 R1	BIOS	Versions prior to 1.24.0	Versions 1.24.0 or later	08/27/2024	Go to the Drivers & Downloads site for updates
Alienware x15 R2	BIOS	Versions prior to 1.22.0	Versions 1.22.0 or later	08/28/2024	Go to the Drivers & Downloads site for updates
Alienware x17 R1	BIOS	Versions prior to 1.24.0	Versions 1.24.0 or later	08/27/2024	Go to the Drivers & Downloads site for updates
Alienware x17 R2	BIOS	Versions prior to 1.22.0	Versions 1.22.0 or later	08/28/2024	Go to the Drivers & Downloads site for updates
AURORA R16	BIOS	Versions prior to 2.13.0	Versions 2.13.0 or later	10/22/2024	Go to the Drivers & Downloads site for updates
Inspiron 15 3510	BIOS	Versions prior to 1.21.0	Versions 1.21.0 or later	09/12/2024	Go to the Drivers & Downloads site for updates
Inspiron 15 3521	BIOS	Versions prior to 1.16.0	Versions 1.16.0 or later	09/11/2024	Go to the Drivers & Downloads site for updates
Inspiron 3502	BIOS	Versions prior to 1.18.0	Versions 1.18.0 or later	09/12/2024	Go to the Drivers & Downloads site for updates
XPS 8950	BIOS	Versions prior to 1.21.0	Versions 1.21.0 or later	09/06/2024	Go to the Drivers & Downloads site for updates
XPS 8960	BIOS	Versions prior to 2.12.0	Versions 2.12.0 or later	10/22/2024	Go to the Drivers & Downloads site for updates

Product	Software/Firmware	Affected Versions	Remediated Versions	Release Date (MM/DD/YYYY)	Link
Alienware Area 51m R2	BIOS	Versions prior to 1.29.0	Versions 1.29.0 or later	08/27/2024	Go to the Drivers & Downloads site for updates
Alienware Aurora R13	BIOS	Versions prior to 1.21.0	Versions 1.21.0 or later	09/06/2024	Go to the Drivers & Downloads site for updates
Alienware Aurora R15	BIOS	Versions prior to 1.17.0	Versions 1.17.0 or later	10/22/2024	Go to the Drivers & Downloads site for updates
Alienware Aurora R15 AMD	BIOS	Versions prior to 1.15.0	Versions 1.15.0 or later	08/27/2024	Go to the Drivers & Downloads site for updates
Alienware Aurora Ryzen Edition R14	BIOS	Versions prior to 2.19.1	Versions 2.19.1 or later	09/06/2024	Go to the Drivers & Downloads site for updates
Alienware m15 R3	BIOS	Versions prior to 1.29.0	Versions 1.29.0 or later	08/27/2024	Go to the Drivers & Downloads site for updates
Alienware m15 R4	BIOS	Versions prior to 1.24.0	Versions 1.24.0 or later	08/28/2024	Go to the Drivers & Downloads site for updates
Alienware m17 R3	BIOS	Versions prior to 1.29.0	Versions 1.29.0 or later	08/27/2024	Go to the Drivers & Downloads site for updates
Alienware m17 R4	BIOS	Versions prior to 1.24.0	Versions 1.24.0 or later	08/28/2024	Go to the Drivers & Downloads site for updates
Alienware x14	BIOS	Versions prior to 1.21.0	Versions 1.21.0 or later	08/27/2024	Go to the Drivers & Downloads site for updates
Alienware x15 R1	BIOS	Versions prior to 1.24.0	Versions 1.24.0 or later	08/27/2024	Go to the Drivers & Downloads site for updates
Alienware x15 R2	BIOS	Versions prior to 1.22.0	Versions 1.22.0 or later	08/28/2024	Go to the Drivers & Downloads site for updates
Alienware x17 R1	BIOS	Versions prior to 1.24.0	Versions 1.24.0 or later	08/27/2024	Go to the Drivers & Downloads site for updates
Alienware x17 R2	BIOS	Versions prior to 1.22.0	Versions 1.22.0 or later	08/28/2024	Go to the Drivers & Downloads site for updates
AURORA R16	BIOS	Versions prior to 2.13.0	Versions 2.13.0 or later	10/22/2024	Go to the Drivers & Downloads site for updates
Inspiron 15 3510	BIOS	Versions prior to 1.21.0	Versions 1.21.0 or later	09/12/2024	Go to the Drivers & Downloads site for updates
Inspiron 15 3521	BIOS	Versions prior to 1.16.0	Versions 1.16.0 or later	09/11/2024	Go to the Drivers & Downloads site for updates
Inspiron 3502	BIOS	Versions prior to 1.18.0	Versions 1.18.0 or later	09/12/2024	Go to the Drivers & Downloads site for updates
XPS 8950	BIOS	Versions prior to 1.21.0	Versions 1.21.0 or later	09/06/2024	Go to the Drivers & Downloads site for updates
XPS 8960	BIOS	Versions prior to 2.12.0	Versions 2.12.0 or later	10/22/2024	Go to the Drivers & Downloads site for updates

Workarounds & Mitigations

None

Revision History

Revision	Date	Description
1.0	2024-08-27	Initial Release
2.0	2024-08-28	Updated Affected Products and Remediation Section: Platform List Update
3.0	2024-09-11	Updated Affected Products and Remediation Section: Platform List Update
4.0	2024-09-18	Updated Affected Products and Remediation Section: Platform List Update
5.0	2024-10-24	Updated Affected Products and Remediation Section: Final Platform List Update

Acknowledgements

CVE-2024-39584: Dell Technologies would like to thank BINARLY REsearch team for reporting this issue.

Related Information

Legal Disclaimer

Affected Products

Alienware Area-51m R2, Alienware Aurora R13, Alienware Aurora Ryzen Edition R14, Alienware Aurora R15 AMD, Alienware Aurora R15, Alienware Aurora R16, Alienware M15 R3, Alienware m15 R4, Alienware M17 R3, Alienware m17 R4, Alienware x14 , Alienware x15 R1, Alienware x15 R2, Alienware x17 R1, Alienware x17 R2, Alienware x14, Inspiron 3502, Inspiron 15 3510, Inspiron 15 3521, XPS 8950, XPS 8960 ...

Article Number: 000227594

Article Type: Dell Security Advisory

Last Modified: 24 Oct 2024

Check if your device is covered by Support Services.

DSA-2024-354: Security Update for a Dell Client Platform BIOS for a Use of Default Cryptographic Key Vulnerability

Summary: Dell Client Platform BIOS remediation is available for a Use of Default Cryptographic Key vulnerability that could be exploited by malicious users to compromise the affected system.

Impact

Details

Affected Products & Remediation

Workarounds & Mitigations

Revision History

Acknowledgements

Related Information

Legal Disclaimer

Affected Products

Article Properties

Find answers to your questions from other Dell users

Support Services

Article Properties

Find answers to your questions from other Dell users

Support Services