CVE-2026-40639_CVE-2026-40639

5.7 / 10

MEDIUM

CVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N

Description

Dell Client Platform BIOS contains a Weak Encoding for Password vulnerability. An unauthenticated attacker with physical access could potentially exploit this vulnerability, leading to Elevation of Privileges.

Basic Information

ID CVE-2026-40639

Source dell

Published Jun 9, 2026 at 18:04

Modified Jun 9, 2026 at 19:12

Affected Product

Vendor Dell

Product Dell Edge Gateway 3000

Affected Versions Dell Dell Edge Gateway 3000 0
Dell Dell Edge Gateway 5000 0
Dell DELL EMBEDDED PC 3000 0
Dell DELL EMBEDDED PC 5000 0
Dell Dell Precision 3630 Tower 0
Dell Dell Precision 3930 Rack 0
Dell Latitude 7220 Rugged Extreme 0
Dell Latitude Rugged 5420 0
Dell Latitude Rugged 5424 0
Dell Latitude Rugged 7220EX 0
Dell Latitude Rugged 7424 0
Dell Precision 3930 Rack 0

CWE Classification

CWE-261

References

www.dell.com /support/kbdoc/en-us/000453482/dsa-2026-197

{
    "lastseen": "",
    "description": "Dell Client Platform BIOS contains a Weak Encoding for Password vulnerability. An unauthenticated attacker with physical access could potentially exploit this vulnerability, leading to Elevation of Privileges.",
    "published": "2026-06-09T18:04:53.344Z",
    "modified": "2026-06-09T19:12:13.457Z",
    "type": "cve",
    "title": "CVE-2026-40639",
    "source": "dell",
    "references": "https://www.dell.com/support/kbdoc/en-us/000453482/dsa-2026-197",
    "id": "CVE-2026-40639",
    "bulletinFamily": "",
    "cwe": [
        "CWE-261"
    ],
    "cvelist": null,
    "sourceData": "Dell Dell Edge Gateway 3000 0\nDell Dell Edge Gateway 5000 0\nDell DELL EMBEDDED PC 3000 0\nDell DELL EMBEDDED PC 5000 0\nDell Dell Precision 3630 Tower 0\nDell Dell Precision 3930 Rack 0\nDell Latitude 7220 Rugged Extreme 0\nDell Latitude Rugged 5420 0\nDell Latitude Rugged 5424 0\nDell Latitude Rugged 7220EX 0\nDell Latitude Rugged 7424 0\nDell Precision 3930 Rack 0",
    "sourceHref": "",
    "cvss": {
        "score": 5.7,
        "severity": "MEDIUM",
        "vector": "CVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N",
        "version": "3.1"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "Dell Edge Gateway 3000",
    "version": "0",
    "vendor": "Dell",
    "ai_description": "",
    "ai_severity": "",
    "ai_vendor": "",
    "ai_product": "",
    "ai_version": "",
    "ai_score": 0
}