CVE-2025-36579

Published: Apr 16, 2026 Last Modified: Apr 16, 2026

ExploitDB:

Other exploit source:

Google Dorks:

MEDIUM 5,1

Source: [email protected]

Attack Vector: physical

Attack Complexity: low

Privileges Required: none

User Interaction: none

Scope: changed

Confidentiality: low

Integrity: low

Availability: low

Description

AI Translation Available

Dell Client Platform BIOS contains a Weak Password Recovery Mechanism vulnerability. An unauthenticated attacker with physical access to the system could potentially exploit this vulnerability, leading to unauthorized access.

640

Weak Password Recovery Mechanism for Forgotten Password

Incomplete

Abstraction: Base Structure: Simple

Common Consequences

Security Scopes Affected:

Access Control Availability Integrity Other

Potential Impacts:

Gain Privileges Or Assume Identity Dos: Resource Consumption (Other) Other

Applicable Platforms

All platforms may be affected

Likelihood of Exploit: High

View CWE Details

https://www.dell.com/support/kbdoc/en-us/000300450/dsa-2025…

https://www.dell.com/support/kbdoc/en-us/000300450/dsa-2025-153

CVE-2025-36579

Description

Weak Password Recovery Mechanism for Forgotten Password

Common Consequences

Applicable Platforms

Iscriviti alla newsletter