CVE-2024-25942

Published Mar 19, 2024
Last updated 10 months ago
CVSS medium 4.4
Overview

Description: Dell PowerEdge Server BIOS contains an Improper SMM communication buffer verification vulnerability. A physical high privileged attacker could potentially exploit this vulnerability leading to arbitrary writes to SMRAM.
Source: security_alert@emc.com
NVD status: Analyzed
Products: poweredge_r730_firmware, poweredge_r730xd_firmware, poweredge_r630_firmware, poweredge_c4130_firmware, poweredge_r930_firmware, poweredge_m630_firmware, poweredge_m630_\(pe_vrtx\)_firmware, poweredge_fc630_firmware, poweredge_fc430_firmware, poweredge_m830_firmware, poweredge_m830_\(pe_vrtx\)_firmware, poweredge_fc830_firmware, poweredge_t630_firmware, poweredge_r530_firmware, poweredge_r430_firmware, poweredge_t430_firmware, poweredge_r830_firmware, poweredge_c6320_firmware, nx3230_firmware, nx3330_firmware, xc6320_firmware, xc430_firmware, xc630_firmware, xc730_firmware, xc730xd_firmware
Risk scores

CVSS 3.1

Type: Primary
Base score: 6.8
Impact score: 5.8
Exploitability score: 0.5
Vector string: CVSS:3.1/AV:P/AC:L/PR:H/UI:N/S:C/C:N/I:H/A:H
Severity: MEDIUM
Weaknesses

security_alert@emc.com: CWE-20
nvd@nist.gov: CWE-787
Hype score: Not currently trending
Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:dell:poweredge_r730_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "FEA86EFE-D74A-4FAF-AC9A-633727D72576",
            "versionEndExcluding": "2.19.0"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:dell:poweredge_r730:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "7F2D8095-BFAD-4A4C-92EF-5C27AC5860FC"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:dell:poweredge_r730xd_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "F86999EA-7EED-4463-8CF3-53A4F1A4E68F",
            "versionEndExcluding": "2.19.0"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:dell:poweredge_r730xd:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "F20FC968-9159-4514-9001-B6E14AAC9BB4"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:dell:poweredge_r630_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "4A95501F-9CB4-4758-90FB-7993C5B8479F",
            "versionEndExcluding": "2.19.0"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:dell:poweredge_r630:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "3889B4D3-0B99-44AC-B732-809F7652C9D2"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:dell:poweredge_c4130_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "373FCE8C-3C8D-4698-9888-98C65E6D7C01",
            "versionEndExcluding": "2.19.0"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:dell:poweredge_c4130:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "89E0CC72-B046-4F7C-B7FD-E8E0995C0333"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:dell:poweredge_r930_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "7A2C8BFD-3874-4912-8EC1-98647E3D0C9D",
            "versionEndExcluding": "2.14.0"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:dell:poweredge_r930:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "1669BF88-F4AC-4166-B657-A5E0EB95F206"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:dell:poweredge_m630_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "A7BB719C-00D7-4C78-BB42-329BE0420309",
            "versionEndExcluding": "2.19.0"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:dell:poweredge_m630:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "05ABA114-D098-48D2-9E0F-E021D82F08B2"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:dell:poweredge_m630_\\(pe_vrtx\\)_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "D42919E5-52CF-44A1-B4FD-A5B9799211E1",
            "versionEndExcluding": "2.19.0"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:dell:poweredge_m630_\\(pe_vrtx\\):-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "D90D2E26-AD95-4284-9007-50A60364A34C"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:dell:poweredge_fc630_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "9CB9AD96-DE95-4F41-98A1-C27F41123BD2",
            "versionEndExcluding": "2.19.0"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:dell:poweredge_fc630:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "9E5481DE-457C-44D4-A3FE-10DB525699E3"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:dell:poweredge_fc430_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "077D28F0-6748-4F82-982F-753F998427A6",
            "versionEndExcluding": "2.19.0"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:dell:poweredge_fc430:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "B1C272E6-7D78-433C-B668-EF0E810CC5BB"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:dell:poweredge_m830_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "790AB221-887C-44BB-9819-895266CC966B",
            "versionEndExcluding": "2.19.0"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:dell:poweredge_m830:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "F3BE9AB9-8093-437E-9BF6-8BA0D5ECC7D3"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:dell:poweredge_m830_\\(pe_vrtx\\)_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "6C2E7166-A7C5-477E-B9DB-6E23B4D79FC4",
            "versionEndExcluding": "2.19.0"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:dell:poweredge_m830_\\(pe_vrtx\\):-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "FE4FDBF0-B9FE-4A7C-93B7-FF9E0E63B424"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:dell:poweredge_fc830_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "9DA2898A-EC3A-4D35-B8EB-6CF9E346CFFE",
            "versionEndExcluding": "2.19.0"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:dell:poweredge_fc830:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "C060A4FA-B524-497C-AC27-3256ED048DF7"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:dell:poweredge_t630_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "BB9F2BE0-F283-472F-A583-6B9283E4A529",
            "versionEndExcluding": "2.19.0"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:dell:poweredge_t630:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "6F2B4062-E672-4F04-AA58-769DC546DA10"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:dell:poweredge_r530_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "1E28BABF-8EE2-4ED0-8341-329FE56E34BF",
            "versionEndExcluding": "2.19.0"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:dell:poweredge_r530:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "1ECA70D5-0884-4B74-92C0-DFBC8454FDAD"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:dell:poweredge_r430_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "D8082BDB-1AC5-45B2-949B-1B5B8DD6126B",
            "versionEndExcluding": "2.19.0"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:dell:poweredge_r430:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "A8EFF354-4534-480D-B52E-5FA575659E77"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:dell:poweredge_t430_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "2931E08C-E557-4E30-9A3B-81AA9CE1056E",
            "versionEndExcluding": "2.19.0"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:dell:poweredge_t430:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "B326C0B3-8CDF-4451-8B59-6E6EA3F1AB76"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:dell:poweredge_r830_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "06131E42-6E13-4C93-BEA3-A3073AF05A17",
            "versionEndExcluding": "1.19.0"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:dell:poweredge_r830:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "EFD80313-F625-40DE-82CC-15EBD2747991"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:dell:poweredge_c6320_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "D55DF536-984E-4BE6-A9E5-613CDAAD8171",
            "versionEndExcluding": "2.19.0"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:dell:poweredge_c6320:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "BB62B772-0492-490F-B971-93854DFD0CE0"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:dell:nx3230_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "5945E528-0ECE-4C0F-9D6D-FC0FA8BCBC37",
            "versionEndExcluding": "2.19.0"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:dell:nx3230:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "24D0E8F8-4EEB-4A1E-B853-3704140A86B8"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:dell:nx3330_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "A372313B-02BA-4B1F-B0FB-175D4DCEFF58",
            "versionEndExcluding": "2.19.0"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:dell:nx3330:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "9428F53B-5740-4E8F-8569-ECE6CA4C137F"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:dell:xc6320_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "D5CE9E93-A46D-40E3-B115-237BA73D91E2",
            "versionEndExcluding": "2.19.0"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:dell:xc6320:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "93911F86-8562-43A9-8DCC-34482CD1233A"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:dell:xc430_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "5D20DBEE-30BF-4CD7-8E52-966851D54215",
            "versionEndExcluding": "2.19.0"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:dell:xc430:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "7A999FC9-150A-472C-8B57-5E41D43B6BEC"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:dell:xc630_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "01B3B015-74E9-4A61-AEA4-A322FDC28445",
            "versionEndExcluding": "2.19.0"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:dell:xc630:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "48F88DD5-EE82-467E-9E19-88C7829EE1CB"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:dell:xc730_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "6A328429-B728-4DB6-9E33-8B4986537A35",
            "versionEndExcluding": "2.19.0"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:dell:xc730:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "E1D48B26-84DE-477D-9220-B600938ED14B"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:dell:xc730xd_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "CE4346FD-76DD-4ABD-8820-3456DDEB5FD1",
            "versionEndExcluding": "2.19.0"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:dell:xc730xd:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "193DEB94-B27C-4038-A544-3CCC35FBCEA5"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  }
]
References

Sources include official advisories and independent security research.
Overview

Risk scores

CVSS 3.1

Weaknesses

Social media

Configurations

References
