CVE-2025-36579
Summary
| CVE | CVE-2025-36579 |
|---|---|
| State | PUBLISHED |
| Assigner | dell |
| Source Priority | CVE Program / NVD first with legacy fallback |
| Published | 2026-04-16 17:16:54 UTC |
| Updated | 2026-04-17 15:14:05 UTC |
| Description | Dell Client Platform BIOS contains a Weak Password Recovery Mechanism vulnerability. An unauthenticated attacker with physical access to the system could potentially exploit this vulnerability, leading to unauthorized access. |
Risk And Classification
Primary CVSS: v3.1 5.1 MEDIUM from [email protected]
CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:L
EPSS: 0.000100000 probability, percentile 0.010990000 (date 2026-04-21)
Problem Types: CWE-640 | CWE-640 CWE-640: Weak Password Recovery Mechanism for Forgotten Password
| Version | Source | Type | Score | Severity | Vector |
|---|---|---|---|---|---|
| 3.1 | [email protected] | Secondary | 5.1 | MEDIUM | CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:L |
| 3.1 | CNA | CVSS | 5.1 | MEDIUM | CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:L |
CVSS v3.1 Breakdown
Attack Vector
PhysicalAttack Complexity
LowPrivileges Required
NoneUser Interaction
NoneScope
ChangedConfidentiality
LowIntegrity
LowAvailability
LowCVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:L
Vendor Declared Affected Products
| Source | Vendor | Product | Version | Platforms |
|---|---|---|---|---|
| CNA | Dell | Dell Pro 14 Essential PV14250 | affected 1.4.0 semver | Not specified |
| CNA | Dell | Dell Pro Micro / QCM1255 | affected 1.9.1 semver | Not specified |
| CNA | Dell | Dell Pro Slim / QCS1255 | affected 1.9.1 semver | Not specified |
| CNA | Dell | Dell Pro Tower / QCT1255 | affected 1.9.1 semver | Not specified |
| CNA | Dell | Alienware 16 Area-51 AA16250 | affected 1.9.0 semver | Not specified |
| CNA | Dell | Alienware 16X Aurora AC16251 | affected 1.8.1 semver | Not specified |
| CNA | Dell | Alienware 18 Area-51 AA18250 | affected 1.9.0 semver | Not specified |
| CNA | Dell | Alienware Area-51 AAT225 | affected 1.11.0 semver | Not specified |
| CNA | Dell | Alienware Aurora ACT1250 | affected 1.10.0 semver | Not specified |
| CNA | Dell | Alienware M15 R6 | affected 1.42.0 semver | Not specified |
| CNA | Dell | Alienware M15 R7 | affected 1.37.0 semver | Not specified |
| CNA | Dell | Alienware M16 R1 | affected 1.32.0 semver | Not specified |
| CNA | Dell | Alienware M16 R2 | affected 1.18.0 semver | Not specified |
| CNA | Dell | Alienware M18 R1 | affected 1.32.0 semver | Not specified |
| CNA | Dell | Alienware M18 R2 | affected 1.20.0 semver | Not specified |
| CNA | Dell | Alienware X14 R2 | affected 1.30.1 semver | Not specified |
| CNA | Dell | Alienware X16 R1 | affected 1.30.1 semver | Not specified |
| CNA | Dell | Alienware X16 R2 | affected 1.18.1 semver | Not specified |
| CNA | Dell | ChengMing 3900 | affected 1.37.0 semver | Not specified |
| CNA | Dell | ChengMing 3910/3911 | affected 1.32.0 semver | Not specified |
| CNA | Dell | ChengMing 3990 | affected 1.35.1 semver | Not specified |
| CNA | Dell | ChengMing 3991 | affected 1.35.1 semver | Not specified |
| CNA | Dell | Dell 14 DC14250 | affected 1.4.0 semver | Not specified |
| CNA | Dell | Dell 14 Premium DA14250 | affected 1.5.1 semver | Not specified |
| CNA | Dell | Dell 15 DC15250 | affected 1.6.0 semver | Not specified |
| CNA | Dell | Dell 16 DC16250 | affected 1.7.0 semver | Not specified |
| CNA | Dell | Dell 16 DC16251 | affected 1.7.0 semver | Not specified |
| CNA | Dell | Dell 16 Premium DA16250 | affected 1.7.0 semver | Not specified |
| CNA | Dell | Dell G15 5510 | affected 1.38.0 semver | Not specified |
| CNA | Dell | Dell G15 5511 | affected 1.41.0 semver | Not specified |
| CNA | Dell | Dell G15 5520 | affected 1.38.0 semver | Not specified |
| CNA | Dell | Dell G15 5530 | affected 1.30.0 semver | Not specified |
| CNA | Dell | Dell G16 7620 | affected 1.38.0 semver | Not specified |
| CNA | Dell | Dell G16 7630 | affected 1.30.0 semver | Not specified |
| CNA | Dell | Dell G5 5000 | affected 1.28.2 semver | Not specified |
| CNA | Dell | Dell Pro 13 Plus PB13250 | affected 2.8.1 semver | Not specified |
| CNA | Dell | Dell Pro 13 Plus PB13255 | affected 1.9.1 semver | Not specified |
| CNA | Dell | Dell Pro 13 Premium PA13250 | affected 2.8.1 semver | Not specified |
| CNA | Dell | Dell Pro 14 PC14250 | affected 1.10.2 semver | Not specified |
| CNA | Dell | Dell Pro 14 Plus PB14250 | affected 2.8.1 semver | Not specified |
| CNA | Dell | Dell Pro 14 Plus PB14255 | affected 1.9.1 semver | Not specified |
| CNA | Dell | Dell Pro 14 Premium PA14250 | affected 2.8.1 semver | Not specified |
| CNA | Dell | Dell Pro 15 Essential PV15250 | affected 1.2.0 semver | Not specified |
| CNA | Dell | Dell Pro 16 PC16250 | affected 1.10.2 semver | Not specified |
| CNA | Dell | Dell Pro 16 Plus PB16250 | affected 2.8.1 semver | Not specified |
| CNA | Dell | Dell Pro 16 Plus PB16255 | affected 1.9.1 custom | Not specified |
| CNA | Dell | Dell Pro 24 All-in-One Plus/Dell Pro 24 All-in-One | affected 1.10.1 semver | Not specified |
| CNA | Dell | Dell Pro Laptop PC14250 | affected 1.10.2 semver | Not specified |
| CNA | Dell | Dell Pro Laptop PC16250 | affected 1.10.2 semver | Not specified |
| CNA | Dell | Dell Pro Max 14 MC14250 | affected 1.9.0 semver | Not specified |
| CNA | Dell | Dell Pro Max 14 MC14255 | affected 1.6.2 semver | Not specified |
| CNA | Dell | Dell Pro Max 16 MC16250 | affected 1.9.0 semver | Not specified |
| CNA | Dell | Dell Pro Max 16 MC16255 | affected 1.6.2 semver | Not specified |
| CNA | Dell | Dell Pro Max Micro FCM2250 | affected 1.10.1 semver | Not specified |
| CNA | Dell | Dell Pro Max Slim FCS1250 | affected 1.10.1 semver | Not specified |
| CNA | Dell | Dell Pro Max Tower T2 FCT2250 | affected 1.10.1 semver | Not specified |
| CNA | Dell | Dell Pro Micro/Micro Plus QCM1250/QBM1250 | affected 1.10.1 semver | Not specified |
| CNA | Dell | Dell Pro Rugged 13 RA13250 | affected 1.12.1 semver | Not specified |
| CNA | Dell | Dell Pro Rugged 14 RB14250 | affected 1.12.1 semver | Not specified |
| CNA | Dell | Dell Pro Slim Essential QVS1260 | affected 1.10.1 semver | Not specified |
| CNA | Dell | Dell Pro Slim Plus QBS1250/Dell Pro Slim QCS1250 | affected 1.10.1 semver | Not specified |
| CNA | Dell | Dell Pro Tower Essential QVT1260 | affected 1.10.1 semver | Not specified |
| CNA | Dell | Dell Pro Tower Plus QBT1250/Dell Pro Tower QCT1250 | affected 1.10.1 semver | Not specified |
| CNA | Dell | Dell Slim ECS1250 | affected 1.10.1 semver | Not specified |
| CNA | Dell | Dell Tower ECT1250 | affected 1.10.1 semver | Not specified |
| CNA | Dell | Dell Tower Plus EBT2250 | affected 1.11.0 semver | Not specified |
| CNA | Dell | Inspiron 13 5320 | affected 1.30.0 semver | Not specified |
| CNA | Dell | Inspiron 13 5330 | affected 1.28.0 semver | Not specified |
| CNA | Dell | Inspiron 14 5420 | affected 1.33.0 semver | Not specified |
| CNA | Dell | Inspiron 14 5430 | affected 1.26.0 semver | Not specified |
| CNA | Dell | Inspiron 14 5440 | affected 1.19.0 semver | Not specified |
| CNA | Dell | Inspiron 14 7420 2-in-1 | affected 1.31.0 semver | Not specified |
| CNA | Dell | Inspiron 14 7430 2-in-1 | affected 1.26.0 semver | Not specified |
| CNA | Dell | Inspiron 14 7440 2-in-1 | affected 1.19.0 semver | Not specified |
| CNA | Dell | Inspiron 14 Plus 7420 | affected 1.34.0 semver | Not specified |
| CNA | Dell | Inspiron 14 Plus 7430 | affected 1.26.0 semver | Not specified |
| CNA | Dell | Inspiron 14 Plus 7440 | affected 1.22.0 semver | Not specified |
| CNA | Dell | Inspiron 15 3511 | affected 1.43.0 semver | Not specified |
| CNA | Dell | Inspiron 15 3520 | affected 1.39.0 semver | Not specified |
| CNA | Dell | Inspiron 16 5620 | affected 1.33.0 semver | Not specified |
| CNA | Dell | Inspiron 16 5630 | affected 1.26.0 semver | Not specified |
| CNA | Dell | Inspiron 16 5640 | affected 1.18.0 semver | Not specified |
| CNA | Dell | Inspiron 16 7610 | affected 1.36.0 semver | Not specified |
| CNA | Dell | Inspiron 16 7620 2-in-1 | affected 1.31.0 semver | Not specified |
| CNA | Dell | Inspiron 16 7630 2-in-1 | affected 1.26.0 semver | Not specified |
| CNA | Dell | Inspiron 16 7640 2-in-1 | affected 1.18.0 semver | Not specified |
| CNA | Dell | Inspiron 16 Plus 7620 | affected 1.34.0 semver | Not specified |
| CNA | Dell | Inspiron 16 Plus 7630 | affected 1.26.0 semver | Not specified |
| CNA | Dell | Inspiron 16 Plus 7640 | affected 1.22.0 semver | Not specified |
| CNA | Dell | Inspiron 24 5420 All-in-One | affected 1.25.0 semver | Not specified |
| CNA | Dell | Inspiron 24 5430 All-in-One | affected 1.18.0 semver | Not specified |
| CNA | Dell | Inspiron 27 7720 All-in-One | affected 1.25.0 semver | Not specified |
| CNA | Dell | Inspiron 27 7730 All-in-One | affected 1.18.0 semver | Not specified |
| CNA | Dell | Inspiron 3020 Desktop | affected 1.32.0 semver | Not specified |
| CNA | Dell | Inspiron 3020 Small Desktop | affected 1.32.0 semver | Not specified |
| CNA | Dell | Inspiron 3030 | affected 1.22.1 semver | Not specified |
| CNA | Dell | Inspiron 3030S | affected 1.22.1 semver | Not specified |
| CNA | Dell | Inspiron 3910 | affected 1.37.0 semver | Not specified |
| CNA | Dell | Inspiron 5400/5401 | affected 1.37.0 semver | Not specified |
| CNA | Dell | Inspiron 5401 AIO | affected 1.37.0 semver | Not specified |
| CNA | Dell | Inspiron 5410 All-in-One | affected 1.35.0 semver | Not specified |
| CNA | Dell | Inspiron 5510 | affected 2.39.0 semver | Not specified |
| CNA | Dell | Inspiron 7700 All-In-One | affected 1.37.0 semver | Not specified |
| CNA | Dell | Inspiron 7710 All-in-One | affected 1.35.0 semver | Not specified |
| CNA | Dell | Latitude 3120 | affected 1.35.1 semver | Not specified |
| CNA | Dell | Latitude 3140 | affected 1.28.1 semver | Not specified |
| CNA | Dell | Latitude 3140 2in1 | affected 1.28.1 semver | Not specified |
| CNA | Dell | Latitude 3320 | affected 1.41.0 semver | Not specified |
| CNA | Dell | Latitude 3330 | affected 1.33.0 semver | Not specified |
| CNA | Dell | Latitude 3340 | affected 1.29.0 semver | Not specified |
| CNA | Dell | Latitude 3410 | affected 1.36.0 semver | Not specified |
| CNA | Dell | Latitude 3420 | affected 1.46.0 semver | Not specified |
| CNA | Dell | Latitude 3430 | affected 1.32.0 semver | Not specified |
| CNA | Dell | Latitude 3440 | affected 1.29.0 semver | Not specified |
| CNA | Dell | Latitude 3450 | affected 1.20.0 semver | Not specified |
| CNA | Dell | Latitude 3510 | affected 1.36.0 semver | Not specified |
| CNA | Dell | Latitude 3520 | affected 1.46.0 semver | Not specified |
| CNA | Dell | Latitude 3530 | affected 1.32.0 semver | Not specified |
| CNA | Dell | Latitude 3540 | affected 1.29.0 semver | Not specified |
| CNA | Dell | Latitude 3550 | affected 1.20.0 semver | Not specified |
References
| Reference | Source | Link | Tags |
|---|---|---|---|
| www.dell.com/support/kbdoc/en-us/000300450/dsa-2025-153 | [email protected] | www.dell.com | |
| CVE Program record | CVE.ORG | www.cve.org | canonical |
| NVD vulnerability detail | NVD | nvd.nist.gov | canonical, analysis |
Vendor Comments And Credit
Discovery Credit
CNA: Dell Technologies would like to thank Bill Demirkapi of the Microsoft Security Response Center for reporting this issue. (en)
There are currently no legacy QID mappings associated with this CVE.