CVE-2024-25942

Dell PowerEdge Server BIOS contains an Improper SMM communication buffer verification vulnerability. A physical high privileged attacker could potentially exploit this vulnerability leading to arbitrary writes to SMRAM.

Published: Mar 19, 2024
Updated: May 4, 2025
CVE: CVE-2024-25942
Severity: Medium
Exploit:

CVSS v3:

Severity: Medium
Score: 6.8
AV:P/AC:L/PR:H/UI:N/S:C/C:N/I:H/A:H

CWEs:

Affected Software
References

Software	From	Fixed in
dell / poweredge_r730_firmware	-	2.19.0
dell / poweredge_r730xd_firmware	-	2.19.0
dell / poweredge_r630_firmware	-	2.19.0
dell / poweredge_c4130_firmware	-	2.19.0
dell / poweredge_r930_firmware	-	2.14.0
dell / poweredge_m630_firmware	-	2.19.0
dell / poweredge_m630_(pe_vrtx)_firmware	-	2.19.0
dell / poweredge_fc630_firmware	-	2.19.0
dell / poweredge_fc430_firmware	-	2.19.0
dell / poweredge_m830_firmware	-	2.19.0
dell / poweredge_m830_(pe_vrtx)_firmware	-	2.19.0
dell / poweredge_fc830_firmware	-	2.19.0
dell / poweredge_t630_firmware	-	2.19.0
dell / poweredge_r530_firmware	-	2.19.0
dell / poweredge_r430_firmware	-	2.19.0
dell / poweredge_t430_firmware	-	2.19.0
dell / poweredge_r830_firmware	-	1.19.0
dell / poweredge_c6320_firmware	-	2.19.0
dell / nx3230_firmware	-	2.19.0
dell / nx3330_firmware	-	2.19.0
dell / xc6320_firmware	-	2.19.0
dell / xc430_firmware	-	2.19.0
dell / xc630_firmware	-	2.19.0
dell / xc730_firmware	-	2.19.0
dell / xc730xd_firmware	-	2.19.0

https://www.dell.com/support/kbdoc/en-us/000223210/dsa-2024-104-security-update-for-dell-poweredge-server-bios-for-an-improper-smm-communication-buffer-verification-vulnerability

Vulnerability Database

290,206

CVE-2024-25942