CVE-2024-22429

Q: What is the severity of CVE-2024-22429?

CVE-2024-22429 has a CVSS score of 7.5 (HIGH). Dell BIOS contains an improper input validation vulnerability that allows a local authenticated malicious user with admin privileges to execute arbitrary code. This affects Dell systems with vulnerable BIOS versions. Attackers could gain persistent control over affected systems.

7.5 HIGH

Remote Code Execution

📋 TL;DR

Dell BIOS contains an improper input validation vulnerability that allows a local authenticated malicious user with admin privileges to execute arbitrary code. This affects Dell systems with vulnerable BIOS versions. Attackers could gain persistent control over affected systems.

💻 Affected Systems

Products:

Dell systems with vulnerable BIOS versions

Versions: Specific versions listed in Dell advisory DSA-2024-020

Operating Systems: All operating systems running on affected Dell hardware

Default Config Vulnerable: ⚠️ Yes

Notes: Requires local authenticated access with administrative privileges. BIOS-level vulnerability affects all OS layers.

📦 What is this software?

⚠️ Risk & Real-World Impact

🔴

Worst Case

Complete system compromise with persistent malware installation at BIOS level, allowing attackers to maintain control even after OS reinstallation.

🟠

Likely Case

Local privilege escalation leading to full system control, data theft, and lateral movement capabilities within the network.

🟢

If Mitigated

Limited impact if proper privilege separation and BIOS write protection are enforced, though risk remains for admin users.

🌐 Internet-Facing: LOW - Requires local authenticated access with admin privileges, not directly exploitable over network.

🏢 Internal Only: HIGH - Internal attackers with admin access can exploit this to gain persistent system control.

🎯 Exploit Status

Public PoC: ✅ No

Weaponized: UNKNOWN

Unauthenticated Exploit: ✅ No

Complexity: MEDIUM

Requires local admin access and knowledge of BIOS exploitation techniques. No public exploits known at this time.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: BIOS updates specified in Dell advisory DSA-2024-020

Vendor Advisory: https://www.dell.com/support/kbdoc/en-us/000221102/dsa-2024-020

Restart Required: Yes

Instructions:

1. Identify your Dell system model and current BIOS version. 2. Visit Dell Support website. 3. Download appropriate BIOS update for your system. 4. Run BIOS update executable. 5. Restart system when prompted.

🔧 Temporary Workarounds

Restrict BIOS Access

all

Implement BIOS password protection and restrict physical access to systems

Least Privilege Enforcement

all

Limit administrative privileges to essential personnel only

🧯 If You Can't Patch

Implement strict access controls to prevent unauthorized local admin access
Enable BIOS write protection features if available in your system

🔍 How to Verify

Check if Vulnerable:

Check BIOS version against affected versions in Dell advisory DSA-2024-020

Check Version:

Windows: wmic bios get smbiosbiosversion
Linux: sudo dmidecode -s bios-version

Verify Fix Applied:

Verify BIOS version has been updated to patched version specified in advisory

📡 Detection & Monitoring

Log Indicators:

BIOS update logs
Failed BIOS modification attempts
Unexpected system restarts

Network Indicators:

Unusual BIOS update traffic from unexpected sources

SIEM Query:

EventID=12 OR EventID=13 (System startup/shutdown) correlated with BIOS-related events

📊 Metadata

CVE ID: CVE-2024-22429

CVSS v3 Score: 7.5 (HIGH)

CVSS Vector: CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H

CWE: CWE-20

Published: May 17, 2024

Last Updated: January 30, 2025

🔗 References

https://www.dell.com/support/kbdoc/en-us/000221102/dsa-2024-020 Vendor Advisory
https://www.dell.com/support/kbdoc/en-us/000221102/dsa-2024-020 Vendor Advisory

📋 TL;DR

💻 Affected Systems

📦 What is this software?

Edge Gateway 3000 Firmware by Dell

Edge Gateway 5000 Firmware by Dell

Embedded Box Pc 3000 Firmware by Dell

Embedded Box Pc 5000 Firmware by Dell

Latitude 12 Rugged Extreme 7214 Firmware by Dell

Latitude 13 3380 Firmware by Dell

Latitude 3180 Firmware by Dell

Latitude 3189 Firmware by Dell

Latitude 3190 2 In 1 Firmware by Dell

Latitude 3190 Firmware by Dell

Latitude 3300 Firmware by Dell

Latitude 3390 2 In 1 Firmware by Dell

Latitude 5280 Firmware by Dell

Latitude 5288 Firmware by Dell

Latitude 5290 2 In 1 Firmware by Dell

Latitude 5290 Firmware by Dell

Latitude 5400 Firmware by Dell

Latitude 5414 Rugged Firmware by Dell

Latitude 5420 Rugged Firmware by Dell

Latitude 5424 Rugged Firmware by Dell

Latitude 5480 Firmware by Dell

Latitude 5488 Firmware by Dell

Latitude 5490 Firmware by Dell

Latitude 5580 Firmware by Dell

Latitude 5590 Firmware by Dell

Latitude 7212 Rugged Extreme Tablet Firmware by Dell

Latitude 7280 Firmware by Dell

Latitude 7285 2 In 1 Firmware by Dell

Latitude 7290 Firmware by Dell

Latitude 7380 Firmware by Dell

Latitude 7390 2 In 1 Firmware by Dell

Latitude 7390 Firmware by Dell

Latitude 7414 Rugged Firmware by Dell

Latitude 7424 Rugged Extreme Firmware by Dell

Latitude 7480 Firmware by Dell

Latitude 7490 Firmware by Dell

Optiplex 3050 All In One Firmware by Dell

Optiplex 3050 Firmware by Dell

Optiplex 5050 Firmware by Dell

Optiplex 7450 All In One Firmware by Dell

Precision 3420 Tower Firmware by Dell

Precision 3520 Firmware by Dell

Precision 3620 Tower Firmware by Dell

Precision 5520 Firmware by Dell

Precision 5530 2 In 1 Firmware by Dell

Precision 5820 Tower Firmware by Dell

Precision 7520 Firmware by Dell

Precision 7720 Firmware by Dell

Wyse 5070 Firmware by Dell

Wyse 7040 Thin Client Firmware by Dell