CVE-2025-29988

CWE-121 — Stack-based Buffer Overflow CWE-787 — Out-of-bounds Write3 documents3 sources

Severity

6.7MEDIUM

EPSS

0.1%

top 82.69%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

262

Dell Dell Client Platform Bios Dell 14 Plus 2-in-1 Db04250 Firmware Dell 14 Plus Db14250 Firmware +259 more

Timeline

PublishedApr 9

Description

Dell Client Platform BIOS contains a Stack-based Buffer Overflow Vulnerability. A high privileged attacker with local access could potentially exploit this vulnerability, leading to arbitrary code execution.

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:HExploitability: 1.1 | Impact: 5.3

Affected Packages262 packages

▶CVEListV5dell/dell_client_platform_biosN/A — 2.1.5+3

▶NVDdell/optiplex_3000_thin_client_firmware< 1.26.0

▶NVDdell/g15_5510_firmware< 1.31.0

▶NVDdell/g15_5511_firmware< 1.35.0

▶NVDdell/g15_5520_firmware< 1.32.0

🔴Vulnerability Details

CVEList

CVE-2025-29988: Dell Client Platform BIOS contains a Stack-based Buffer Overflow Vulnerability↗2025-04-09

▶

GHSA

GHSA-3pqf-w7fm-5f4w: Dell Client Platform BIOS contains a Stack-based Buffer Overflow Vulnerability↗2025-04-09

▶