CVE-2025-36579

MITRE NVD CVE.ORG JSON API Print: PDF PDF

Summary

CVECVE-2025-36579
StatePUBLISHED
Assignerdell
Source PriorityCVE Program / NVD first with legacy fallback
Published2026-04-16 17:16:54 UTC
Updated2026-04-17 15:14:05 UTC
DescriptionDell Client Platform BIOS contains a Weak Password Recovery Mechanism vulnerability. An unauthenticated attacker with physical access to the system could potentially exploit this vulnerability, leading to unauthorized access.

Risk And Classification

Primary CVSS: v3.1 5.1 MEDIUM from [email protected]

CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:L

EPSS: 0.000100000 probability, percentile 0.010990000 (date 2026-04-21)

Problem Types: CWE-640 | CWE-640 CWE-640: Weak Password Recovery Mechanism for Forgotten Password

VersionSourceTypeScoreSeverityVector
3.1[email protected]Secondary5.1MEDIUMCVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:L
3.1CNACVSS5.1MEDIUMCVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:L

CVSS v3.1 Breakdown

Attack Vector
Physical
Attack Complexity
Low
Privileges Required
None
User Interaction
None
Scope
Changed
Confidentiality
Low
Integrity
Low
Availability
Low

CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:L

Vendor Declared Affected Products

SourceVendorProductVersionPlatforms
CNA Dell Dell Pro 14 Essential PV14250 affected 1.4.0 semver Not specified
CNA Dell Dell Pro Micro / QCM1255 affected 1.9.1 semver Not specified
CNA Dell Dell Pro Slim / QCS1255 affected 1.9.1 semver Not specified
CNA Dell Dell Pro Tower / QCT1255 affected 1.9.1 semver Not specified
CNA Dell Alienware 16 Area-51 AA16250 affected 1.9.0 semver Not specified
CNA Dell Alienware 16X Aurora AC16251 affected 1.8.1 semver Not specified
CNA Dell Alienware 18 Area-51 AA18250 affected 1.9.0 semver Not specified
CNA Dell Alienware Area-51 AAT225 affected 1.11.0 semver Not specified
CNA Dell Alienware Aurora ACT1250 affected 1.10.0 semver Not specified
CNA Dell Alienware M15 R6 affected 1.42.0 semver Not specified
CNA Dell Alienware M15 R7 affected 1.37.0 semver Not specified
CNA Dell Alienware M16 R1 affected 1.32.0 semver Not specified
CNA Dell Alienware M16 R2 affected 1.18.0 semver Not specified
CNA Dell Alienware M18 R1 affected 1.32.0 semver Not specified
CNA Dell Alienware M18 R2 affected 1.20.0 semver Not specified
CNA Dell Alienware X14 R2 affected 1.30.1 semver Not specified
CNA Dell Alienware X16 R1 affected 1.30.1 semver Not specified
CNA Dell Alienware X16 R2 affected 1.18.1 semver Not specified
CNA Dell ChengMing 3900 affected 1.37.0 semver Not specified
CNA Dell ChengMing 3910/3911 affected 1.32.0 semver Not specified
CNA Dell ChengMing 3990 affected 1.35.1 semver Not specified
CNA Dell ChengMing 3991 affected 1.35.1 semver Not specified
CNA Dell Dell 14 DC14250 affected 1.4.0 semver Not specified
CNA Dell Dell 14 Premium DA14250 affected 1.5.1 semver Not specified
CNA Dell Dell 15 DC15250 affected 1.6.0 semver Not specified
CNA Dell Dell 16 DC16250 affected 1.7.0 semver Not specified
CNA Dell Dell 16 DC16251 affected 1.7.0 semver Not specified
CNA Dell Dell 16 Premium DA16250 affected 1.7.0 semver Not specified
CNA Dell Dell G15 5510 affected 1.38.0 semver Not specified
CNA Dell Dell G15 5511 affected 1.41.0 semver Not specified
CNA Dell Dell G15 5520 affected 1.38.0 semver Not specified
CNA Dell Dell G15 5530 affected 1.30.0 semver Not specified
CNA Dell Dell G16 7620 affected 1.38.0 semver Not specified
CNA Dell Dell G16 7630 affected 1.30.0 semver Not specified
CNA Dell Dell G5 5000 affected 1.28.2 semver Not specified
CNA Dell Dell Pro 13 Plus PB13250 affected 2.8.1 semver Not specified
CNA Dell Dell Pro 13 Plus PB13255 affected 1.9.1 semver Not specified
CNA Dell Dell Pro 13 Premium PA13250 affected 2.8.1 semver Not specified
CNA Dell Dell Pro 14 PC14250 affected 1.10.2 semver Not specified
CNA Dell Dell Pro 14 Plus PB14250 affected 2.8.1 semver Not specified
CNA Dell Dell Pro 14 Plus PB14255 affected 1.9.1 semver Not specified
CNA Dell Dell Pro 14 Premium PA14250 affected 2.8.1 semver Not specified
CNA Dell Dell Pro 15 Essential PV15250 affected 1.2.0 semver Not specified
CNA Dell Dell Pro 16 PC16250 affected 1.10.2 semver Not specified
CNA Dell Dell Pro 16 Plus PB16250 affected 2.8.1 semver Not specified
CNA Dell Dell Pro 16 Plus PB16255 affected 1.9.1 custom Not specified
CNA Dell Dell Pro 24 All-in-One Plus/Dell Pro 24 All-in-One affected 1.10.1 semver Not specified
CNA Dell Dell Pro Laptop PC14250 affected 1.10.2 semver Not specified
CNA Dell Dell Pro Laptop PC16250 affected 1.10.2 semver Not specified
CNA Dell Dell Pro Max 14 MC14250 affected 1.9.0 semver Not specified
CNA Dell Dell Pro Max 14 MC14255 affected 1.6.2 semver Not specified
CNA Dell Dell Pro Max 16 MC16250 affected 1.9.0 semver Not specified
CNA Dell Dell Pro Max 16 MC16255 affected 1.6.2 semver Not specified
CNA Dell Dell Pro Max Micro FCM2250 affected 1.10.1 semver Not specified
CNA Dell Dell Pro Max Slim FCS1250 affected 1.10.1 semver Not specified
CNA Dell Dell Pro Max Tower T2 FCT2250 affected 1.10.1 semver Not specified
CNA Dell Dell Pro Micro/Micro Plus QCM1250/QBM1250 affected 1.10.1 semver Not specified
CNA Dell Dell Pro Rugged 13 RA13250 affected 1.12.1 semver Not specified
CNA Dell Dell Pro Rugged 14 RB14250 affected 1.12.1 semver Not specified
CNA Dell Dell Pro Slim Essential QVS1260 affected 1.10.1 semver Not specified
CNA Dell Dell Pro Slim Plus QBS1250/Dell Pro Slim QCS1250 affected 1.10.1 semver Not specified
CNA Dell Dell Pro Tower Essential QVT1260 affected 1.10.1 semver Not specified
CNA Dell Dell Pro Tower Plus QBT1250/Dell Pro Tower QCT1250 affected 1.10.1 semver Not specified
CNA Dell Dell Slim ECS1250 affected 1.10.1 semver Not specified
CNA Dell Dell Tower ECT1250 affected 1.10.1 semver Not specified
CNA Dell Dell Tower Plus EBT2250 affected 1.11.0 semver Not specified
CNA Dell Inspiron 13 5320 affected 1.30.0 semver Not specified
CNA Dell Inspiron 13 5330 affected 1.28.0 semver Not specified
CNA Dell Inspiron 14 5420 affected 1.33.0 semver Not specified
CNA Dell Inspiron 14 5430 affected 1.26.0 semver Not specified
CNA Dell Inspiron 14 5440 affected 1.19.0 semver Not specified
CNA Dell Inspiron 14 7420 2-in-1 affected 1.31.0 semver Not specified
CNA Dell Inspiron 14 7430 2-in-1 affected 1.26.0 semver Not specified
CNA Dell Inspiron 14 7440 2-in-1 affected 1.19.0 semver Not specified
CNA Dell Inspiron 14 Plus 7420 affected 1.34.0 semver Not specified
CNA Dell Inspiron 14 Plus 7430 affected 1.26.0 semver Not specified
CNA Dell Inspiron 14 Plus 7440 affected 1.22.0 semver Not specified
CNA Dell Inspiron 15 3511 affected 1.43.0 semver Not specified
CNA Dell Inspiron 15 3520 affected 1.39.0 semver Not specified
CNA Dell Inspiron 16 5620 affected 1.33.0 semver Not specified
CNA Dell Inspiron 16 5630 affected 1.26.0 semver Not specified
CNA Dell Inspiron 16 5640 affected 1.18.0 semver Not specified
CNA Dell Inspiron 16 7610 affected 1.36.0 semver Not specified
CNA Dell Inspiron 16 7620 2-in-1 affected 1.31.0 semver Not specified
CNA Dell Inspiron 16 7630 2-in-1 affected 1.26.0 semver Not specified
CNA Dell Inspiron 16 7640 2-in-1 affected 1.18.0 semver Not specified
CNA Dell Inspiron 16 Plus 7620 affected 1.34.0 semver Not specified
CNA Dell Inspiron 16 Plus 7630 affected 1.26.0 semver Not specified
CNA Dell Inspiron 16 Plus 7640 affected 1.22.0 semver Not specified
CNA Dell Inspiron 24 5420 All-in-One affected 1.25.0 semver Not specified
CNA Dell Inspiron 24 5430 All-in-One affected 1.18.0 semver Not specified
CNA Dell Inspiron 27 7720 All-in-One affected 1.25.0 semver Not specified
CNA Dell Inspiron 27 7730 All-in-One affected 1.18.0 semver Not specified
CNA Dell Inspiron 3020 Desktop affected 1.32.0 semver Not specified
CNA Dell Inspiron 3020 Small Desktop affected 1.32.0 semver Not specified
CNA Dell Inspiron 3030 affected 1.22.1 semver Not specified
CNA Dell Inspiron 3030S affected 1.22.1 semver Not specified
CNA Dell Inspiron 3910 affected 1.37.0 semver Not specified
CNA Dell Inspiron 5400/5401 affected 1.37.0 semver Not specified
CNA Dell Inspiron 5401 AIO affected 1.37.0 semver Not specified
CNA Dell Inspiron 5410 All-in-One affected 1.35.0 semver Not specified
CNA Dell Inspiron 5510 affected 2.39.0 semver Not specified
CNA Dell Inspiron 7700 All-In-One affected 1.37.0 semver Not specified
CNA Dell Inspiron 7710 All-in-One affected 1.35.0 semver Not specified
CNA Dell Latitude 3120 affected 1.35.1 semver Not specified
CNA Dell Latitude 3140 affected 1.28.1 semver Not specified
CNA Dell Latitude 3140 2in1 affected 1.28.1 semver Not specified
CNA Dell Latitude 3320 affected 1.41.0 semver Not specified
CNA Dell Latitude 3330 affected 1.33.0 semver Not specified
CNA Dell Latitude 3340 affected 1.29.0 semver Not specified
CNA Dell Latitude 3410 affected 1.36.0 semver Not specified
CNA Dell Latitude 3420 affected 1.46.0 semver Not specified
CNA Dell Latitude 3430 affected 1.32.0 semver Not specified
CNA Dell Latitude 3440 affected 1.29.0 semver Not specified
CNA Dell Latitude 3450 affected 1.20.0 semver Not specified
CNA Dell Latitude 3510 affected 1.36.0 semver Not specified
CNA Dell Latitude 3520 affected 1.46.0 semver Not specified
CNA Dell Latitude 3530 affected 1.32.0 semver Not specified
CNA Dell Latitude 3540 affected 1.29.0 semver Not specified
CNA Dell Latitude 3550 affected 1.20.0 semver Not specified

References

ReferenceSourceLinkTags
www.dell.com/support/kbdoc/en-us/000300450/dsa-2025-153 [email protected] www.dell.com
CVE Program record CVE.ORG www.cve.org canonical
NVD vulnerability detail NVD nvd.nist.gov canonical, analysis

Vendor Comments And Credit

Discovery Credit

CNA: Dell Technologies would like to thank Bill Demirkapi of the Microsoft Security Response Center for reporting this issue. (en)

© CVE.report 2026 |

Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.

CVE, CWE, and OVAL are registred trademarks of The MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. This site includes MITRE data granted under the following license.

Free CVE JSON API cve.report/api

CVE.report and Source URL Uptime Status status.cve.report