high
7.5
CWE
20
Advisory Published
Updated

CVE-2024-22429: Input Validation

First published: Fri May 17 2024(Updated: )

Dell BIOS contains an Improper Input Validation vulnerability. A local authenticated malicious user with admin privileges could potentially exploit this vulnerability, leading to arbitrary code execution.

Credit: security_alert@emc.com

Affected SoftwareAffected VersionHow to fix
Dell BIOS
All of
Dell Edge Gateway 5000 firmware<1.28.0
Dell Edge Gateway 5000 firmware
All of
Dell precision 5820 tower firmware<2.36.0
Dell Precision 5820 Tower
All of
Dell edge gateway 3000 firmware<1.18.0
Dell edge gateway 3000
All of
Dell embedded box pc 3000 firmware<1.24.0
Dell embedded box pc 3000
All of
Dell embedded box pc 5000 firmware<1.25.0
Dell embedded box pc 5000
All of
Dell latitude 12 rugged extreme 7214 firmware<1.46.0
Dell latitude 12 rugged extreme 7214
All of
Dell latitude 13 3380 firmware<1.27.0
Dell latitude 13 3380
All of
Dell latitude 3180 firmware<1.29.0
Dell latitude 3180
All of
Dell latitude 3189 firmware<1.29.0
Dell latitude 3189
All of
Dell latitude 3190 firmware<1.34.0
Dell latitude 3190
All of
Dell latitude 3190 2-in-1 firmware<1.34.0
Dell latitude 3190 2-in-1
All of
Dell latitude 3300 firmware<1.28.0
Dell latitude 3300
All of
Dell latitude 3390 2-in-1 firmware<1.31.0
Dell latitude 3390 2-in-1
All of
Dell latitude 5280 firmware<1.36.0
Dell latitude 5280
All of
Dell latitude 5288 firmware<1.36.0
Dell latitude 5288
All of
Dell latitude 5290 firmware<1.35.0
Dell latitude 5290
All of
Dell latitude 5290 2-in-1 firmware<1.34.0
Dell latitude 5290 2-in-1
All of
Dell latitude 5400 firmware<1.30.0
Dell latitude 5400
All of
Dell latitude 5414 rugged firmware<1.46.0
Dell latitude 5414 rugged
All of
Dell latitude 5420 rugged firmware<1.32.0
Dell latitude 5420 rugged
All of
Dell latitude 5424 rugged firmware<1.32.0
Dell latitude 5424 rugged
All of
Dell latitude 5480 firmware<1.36.0
Dell latitude 5480
All of
Dell Latitude 5488 Firmware<1.36.0
Dell Latitude 5488 Firmware
All of
Dell Latitude 5490 Firmware<1.35.0
Dell Latitude 5490 Firmware
All of
Dell latitude 5580 firmware<1.36.0
Dell latitude 5580
All of
Dell latitude 5590 firmware<1.35.0
Dell latitude 5590
All of
Dell latitude 7212 rugged extreme tablet firmware<1.50.0
Dell latitude 7212 rugged extreme tablet
All of
Dell latitude 7280 firmware<1.37.0
Dell latitude 7280
All of
Dell Latitude 7285 2-in-1 Firmware<1.26.0
Dell Latitude 7285
All of
Dell latitude 7290 firmware<1.38.0
Dell latitude 7290
All of
Dell Latitude 7380 Firmware<1.37.0
Dell Latitude 7380 Firmware
All of
Dell latitude 7390 firmware<1.38.0
Dell latitude 7390
All of
Dell latitude 7390 2-in-1 firmware<1.35.0
Dell latitude 7390 2-in-1
All of
Dell latitude 7414 rugged firmware<1.46.0
Dell latitude 7414 rugged
All of
Dell latitude 7424 rugged extreme firmware<1.32.0
Dell latitude 7424 rugged extreme
All of
Dell latitude 7480 firmware<1.37.0
Dell latitude 7480
All of
Dell latitude 7490 firmware<1.38.0
Dell latitude 7490
All of
Dell optiplex 3050 firmware<1.30.0
Dell optiplex 3050
All of
Dell optiplex 3050 all-in-one firmware<1.32.0
Dell optiplex 3050 all-in-one
All of
Dell optiplex 5050 firmware<1.30.0
Dell optiplex 5050
All of
Dell optiplex 7450 all-in-one firmware<1.32.0
Dell optiplex 7450 all-in-one
All of
Dell precision 3420 tower firmware<2.30.0
Dell Precision 3420
All of
Dell precision 3520 firmware<1.36.0
Dell precision 3520
All of
Dell Precision 3620 Firmware<2.30.0
Dell precision 3620 tower
All of
Dell precision 5520 firmware<1.38.0
Dell precision 5520
All of
Dell Precision 5530 2-in-1 Firmware<1.31.8
Dell Precision 5530 2-in-1 Firmware
All of
Dell precision 7520 firmware<1.36.0
Dell precision 7520
All of
Dell Precision 7720 Firmware<1.36.0
Dell Precision 7720
All of
Dell Wyse 5070<1.31.0
Dell Wyse 5070 Firmware
All of
Dell Wyse 7040 Thin Client Firmware<1.25.0
Dell Wyse 7040 Thin Client

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

Reference Links

Frequently Asked Questions

  • What is the severity of CVE-2024-22429?

    The severity of CVE-2024-22429 is not explicitly rated but involves a local authenticated malicious user exploiting improper input validation for arbitrary code execution.

  • How do I fix CVE-2024-22429?

    To fix CVE-2024-22429, it is recommended to update the Dell BIOS to the latest version provided by Dell.

  • Who is affected by CVE-2024-22429?

    CVE-2024-22429 affects various Dell BIOS versions across multiple Dell product lines including Latitude, Precision, and OptiPlex.

  • What are the potential impacts of exploiting CVE-2024-22429?

    Exploiting CVE-2024-22429 could lead to arbitrary code execution by an authenticated attacker with admin privileges.

  • When was CVE-2024-22429 disclosed?

    CVE-2024-22429 was disclosed as part of Dell's security advisory in 2024.

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2025 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203