CVE-2025-36600 — Improper Access Control Applied to Mirrored or Aliased Memory Regions in Dell Client Platform Bios

CWE-1257 — Improper Access Control Applied to Mirrored or Aliased Memory Regions3 documents3 sources

Severity

8.2HIGHNVD

EPSS

0.0%

top 94.36%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Dell Client Platform Bios Dell Latitude 12 Rugged Extreme 7214 Firmware

Timeline

PublishedJul 8

Description

Dell Client Platform BIOS contains an Improper Access Control Applied to Mirrored or Aliased Memory Regions vulnerability in an externally developed component. A high privileged attacker with local access could potentially exploit this vulnerability, leading to Code execution.

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:HExploitability: 1.5 | Impact: 6.0

Affected Packages2 packages

▶CVEListV5dell/client_platform_biosN/A — 1.51.0

▶NVDdell/latitude_12_rugged_extreme_7214_firmware< 1.51.0

🔴Vulnerability Details

CVEList

CVE-2025-36600: Dell Client Platform BIOS contains an Improper Access Control Applied to Mirrored or Aliased Memory Regions vulnerability in an externally developed c↗2025-07-08

▶

GHSA

GHSA-q83x-5cgr-9m2c: Dell Client Platform BIOS contains an Improper Access Control Applied to Mirrored or Aliased Memory Regions vulnerability in an externally developed c↗2025-07-08

▶