DSA-2026-197: Security Update for Dell Client Platform BIOS for a Weak Encoding for Password Vulnerability
Summary: Dell Client Platform BIOS remediation is available for a Weak Encoding for Password vulnerability that could be exploited by malicious users to compromise the affected system.
Impact
Medium
Additional Details
The Affected Products and Remediation table above may not be a comprehensive list of all affected supported versions and may be updated as more information becomes available.
Details
|
Proprietary Code CVEs |
Description |
CVSS Base Score |
CVSS Vector String |
|
CVE-2026-40639 |
Dell Client Platform BIOS contains a Weak Encoding for Password vulnerability. An unauthenticated attacker with physical access could potentially exploit this vulnerability, leading to Elevation of Privileges. |
5.7 |
|
Proprietary Code CVEs |
Description |
CVSS Base Score |
CVSS Vector String |
|
CVE-2026-40639 |
Dell Client Platform BIOS contains a Weak Encoding for Password vulnerability. An unauthenticated attacker with physical access could potentially exploit this vulnerability, leading to Elevation of Privileges. |
5.7 |
Affected Products & Remediation
|
Product |
Software/Firmware |
Affected Version |
Remediated Version |
Release Date (MM/DD/YYYY) |
Link |
|
Dell Edge Gateway 3000 |
BIOS |
Versions prior to 1.26.0 |
Version 1.26.0 or later |
06/09/2026 |
|
|
Dell Edge Gateway 5000 |
BIOS |
Versions prior to 1.36.0 |
Version 1.36.0 or later |
06/08/2026 |
|
|
DELL EMBEDDED PC 3000 |
BIOS |
Versions prior to 1.32.0 |
Version 1.32.0 or later |
06/09/2026 |
|
|
DELL EMBEDDED PC 5000 |
BIOS |
Versions prior to 1.33.0 |
Version 1.33.0 or later |
06/08/2026 |
|
|
Dell Precision 3630 Tower |
BIOS |
Versions prior to 2.40.0 |
Version 2.40.0 or later |
06/04/2026 |
|
|
Dell Precision 3930 Rack |
BIOS |
Versions prior to 2.43.0 |
Version 2.43.0 or later |
06/04/2026 |
|
|
Latitude 3190 |
BIOS |
Versions prior to 1.44.0 |
Version 1.44.0 or later |
06/16/2026 |
|
|
Latitude 3190 2-in-1 |
BIOS |
Versions prior to 1.44.0 |
Version 1.44.0 or later |
06/16/2026 |
|
|
Latitude 3310 |
BIOS |
Versions prior to 1.33.0 |
Version 1.33.0 or later |
06/11/2026 |
|
|
Latitude 3310 2-In-1 |
BIOS |
Versions prior to 1.32.0 |
Version 1.32.0 or later |
06/11/2026 |
|
|
Latitude 7220 Rugged Extreme |
BIOS |
Versions prior to 1.51.0 |
Version 1.51.0 or later |
06/08/2026 |
|
|
Latitude Rugged 5420 |
BIOS |
Versions prior to 1.42.0 |
Version 1.42.0 or later |
06/08/2026 |
|
|
Latitude Rugged 5424 |
BIOS |
Versions prior to 1.42.0 |
Version 1.42.0 or later |
06/08/2026 |
|
|
Latitude Rugged 7220EX |
BIOS |
Versions prior to 1.51.0 |
Version 1.51.0 or later |
06/08/2026 |
|
|
Latitude Rugged 7424 |
BIOS |
Versions prior to 1.42.0 |
Version 1.42.0 or later |
06/08/2026 |
|
|
OptiPlex 7070 UFF |
BIOS |
Versions prior to 1.36.1 |
Version 1.36.1 or later |
06/10/2026 |
|
|
Precision 3930 Rack |
BIOS |
Versions prior to 2.43.0 |
Version 2.43.0 or later |
06/04/2026 |
|
|
Precision 5540 |
BIOS |
Versions prior to 1.43.0 |
Version 1.43.0 or later |
06/15/2026 |
|
Product |
Software/Firmware |
Affected Version |
Remediated Version |
Release Date (MM/DD/YYYY) |
Link |
|
Dell Edge Gateway 3000 |
BIOS |
Versions prior to 1.26.0 |
Version 1.26.0 or later |
06/09/2026 |
|
|
Dell Edge Gateway 5000 |
BIOS |
Versions prior to 1.36.0 |
Version 1.36.0 or later |
06/08/2026 |
|
|
DELL EMBEDDED PC 3000 |
BIOS |
Versions prior to 1.32.0 |
Version 1.32.0 or later |
06/09/2026 |
|
|
DELL EMBEDDED PC 5000 |
BIOS |
Versions prior to 1.33.0 |
Version 1.33.0 or later |
06/08/2026 |
|
|
Dell Precision 3630 Tower |
BIOS |
Versions prior to 2.40.0 |
Version 2.40.0 or later |
06/04/2026 |
|
|
Dell Precision 3930 Rack |
BIOS |
Versions prior to 2.43.0 |
Version 2.43.0 or later |
06/04/2026 |
|
|
Latitude 3190 |
BIOS |
Versions prior to 1.44.0 |
Version 1.44.0 or later |
06/16/2026 |
|
|
Latitude 3190 2-in-1 |
BIOS |
Versions prior to 1.44.0 |
Version 1.44.0 or later |
06/16/2026 |
|
|
Latitude 3310 |
BIOS |
Versions prior to 1.33.0 |
Version 1.33.0 or later |
06/11/2026 |
|
|
Latitude 3310 2-In-1 |
BIOS |
Versions prior to 1.32.0 |
Version 1.32.0 or later |
06/11/2026 |
|
|
Latitude 7220 Rugged Extreme |
BIOS |
Versions prior to 1.51.0 |
Version 1.51.0 or later |
06/08/2026 |
|
|
Latitude Rugged 5420 |
BIOS |
Versions prior to 1.42.0 |
Version 1.42.0 or later |
06/08/2026 |
|
|
Latitude Rugged 5424 |
BIOS |
Versions prior to 1.42.0 |
Version 1.42.0 or later |
06/08/2026 |
|
|
Latitude Rugged 7220EX |
BIOS |
Versions prior to 1.51.0 |
Version 1.51.0 or later |
06/08/2026 |
|
|
Latitude Rugged 7424 |
BIOS |
Versions prior to 1.42.0 |
Version 1.42.0 or later |
06/08/2026 |
|
|
OptiPlex 7070 UFF |
BIOS |
Versions prior to 1.36.1 |
Version 1.36.1 or later |
06/10/2026 |
|
|
Precision 3930 Rack |
BIOS |
Versions prior to 2.43.0 |
Version 2.43.0 or later |
06/04/2026 |
|
|
Precision 5540 |
BIOS |
Versions prior to 1.43.0 |
Version 1.43.0 or later |
06/15/2026 |
Revision History
"
| Revision | Date | Description |
|---|---|---|
| 1.0 | 2026-06-09 | Initial Release |
| 2.0 | 2026-06-16 | Updated Affected Products and Remediation table: Platform list updated |
Acknowledgements
Dell would like to thank Darren McDonald from AmberWolf and Craig S. Blackie from MDSec for reporting this issue.