CVE-2024-28970
📋 TL;DR
Dell Client BIOS contains an out-of-bounds write vulnerability that allows a local authenticated malicious user with admin privileges to potentially cause platform denial of service. This affects Dell client systems with vulnerable BIOS versions.
💻 Affected Systems
- Dell Client BIOS
📦 What is this software?
Inspiron 24 5420 All In One Firmware by Dell
View all CVEs affecting Inspiron 24 5420 All In One Firmware →
⚠️ Risk & Real-World Impact
Worst Case
Complete system crash or bricking requiring physical hardware intervention to restore functionality.
Likely Case
Temporary denial of service requiring system reboot to restore normal operation.
If Mitigated
Minimal impact if proper access controls prevent unauthorized local admin access.
🎯 Exploit Status
Requires local authenticated admin access and specific knowledge of BIOS exploitation techniques.
🛠️ Fix & Mitigation
✅ Official Fix
Patch Version: BIOS updates specified in DSA-2024-168 for affected models
Vendor Advisory: https://www.dell.com/support/kbdoc/en-us/000225476/dsa-2024-168
Restart Required: Yes
Instructions:
1. Identify your Dell system model. 2. Visit Dell Support website. 3. Download latest BIOS update for your model from DSA-2024-168. 4. Run BIOS update executable. 5. Restart system when prompted.
🔧 Temporary Workarounds
Restrict Local Admin Access
allLimit number of users with local administrative privileges to reduce attack surface.
Physical Security Controls
allImplement physical security measures to prevent unauthorized physical access to systems.
🧯 If You Can't Patch
- Implement strict least privilege access controls for local administrative accounts
- Monitor for unusual system crashes or BIOS-related events on Dell systems
🔍 How to Verify
Check if Vulnerable:
Check Dell Support site with your system service tag or check current BIOS version against affected versions in DSA-2024-168Check Version:
Windows: wmic bios get smbiosbiosversion | Linux: sudo dmidecode -s bios-versionVerify Fix Applied:
Verify BIOS version has been updated to patched version listed in DSA-2024-168 for your specific model📡 Detection & Monitoring
Log Indicators:
- Unexpected system crashes
- BIOS update failures
- Unauthorized BIOS modification attempts
Network Indicators:
- None - local exploitation only
SIEM Query:
EventID 6008 (Unexpected shutdown) on Windows systems combined with Dell BIOS version checks