Dell Client Platform BIOS contains a Weak Password Recovery Mechanism vulnerability. An unauthenticated attacker with physical access to the system could potentially exploit this vulnerability, leading to unauthorized access.
History

Tue, 28 Apr 2026 09:45:00 +0000

Type Values Removed Values Added
First Time appeared Dell
Dell 14 Dc14250
Dell 14 Premium Da14250
Dell 15 Dc15250
Dell 16 Dc16250
Dell 16 Dc16251
Dell 16 Premium Da16250
Dell alienware 16 Area-51 Aa16250
Dell alienware 16x Aurora Ac16251
Dell alienware 18 Area-51 Aa18250
Dell alienware Area-51 Aat225
Dell chengming 3910/3911
Dell g15 5520
Dell g15 5530
Dell g16 7620
Dell g16 7630
Dell pro 13 Plus Pb13250
Dell pro 13 Plus Pb13255
Dell pro 13 Premium Pa13250
Dell pro 14 Essential Pv14250
Dell pro 14 Pc14250
Dell pro 14 Plus Pb14250
Dell pro 14 Plus Pb14255
Dell pro 14 Premium Pa14250
Dell pro 15 Essential Pv15250
Dell pro 16 Pc16250
Dell pro 16 Plus Pb16250
Dell pro 16 Plus Pb16255
Dell pro 24 All-in-one Plus/dell Pro 24 All-in-one
Dell pro Laptop Pc14250
Dell pro Laptop Pc16250
Dell pro Max 14 Mc14250
Dell pro Max 14 Mc14255
Dell pro Max 16 Mc16250
Dell pro Max 16 Mc16255
Dell pro Max Micro Fcm2250
Dell pro Max Slim Fcs1250
Dell pro Max Tower T2 Fct2250
Dell pro Micro/micro Plus Qcm1250/qbm1250
Dell pro Micro / Qcm1255
Dell pro Rugged 13 Ra13250
Dell pro Rugged 14 Rb14250
Dell pro Slim / Qcs1255
Dell pro Slim Essential Qvs1260
Dell pro Slim Plus Qbs1250/dell Pro Slim Qcs1250
Dell pro Tower / Qct1255
Dell pro Tower Essential Qvt1260
Dell pro Tower Plus Qbt1250/dell Pro Tower Qct1250
Dell slim Ecs1250
Dell tower Ect1250
Dell tower Plus Ebt2250
Vendors & Products Dell
Dell 14 Dc14250
Dell 14 Premium Da14250
Dell 15 Dc15250
Dell 16 Dc16250
Dell 16 Dc16251
Dell 16 Premium Da16250
Dell alienware 16 Area-51 Aa16250
Dell alienware 16x Aurora Ac16251
Dell alienware 18 Area-51 Aa18250
Dell alienware Area-51 Aat225
Dell chengming 3910/3911
Dell g15 5520
Dell g15 5530
Dell g16 7620
Dell g16 7630
Dell pro 13 Plus Pb13250
Dell pro 13 Plus Pb13255
Dell pro 13 Premium Pa13250
Dell pro 14 Essential Pv14250
Dell pro 14 Pc14250
Dell pro 14 Plus Pb14250
Dell pro 14 Plus Pb14255
Dell pro 14 Premium Pa14250
Dell pro 15 Essential Pv15250
Dell pro 16 Pc16250
Dell pro 16 Plus Pb16250
Dell pro 16 Plus Pb16255
Dell pro 24 All-in-one Plus/dell Pro 24 All-in-one
Dell pro Laptop Pc14250
Dell pro Laptop Pc16250
Dell pro Max 14 Mc14250
Dell pro Max 14 Mc14255
Dell pro Max 16 Mc16250
Dell pro Max 16 Mc16255
Dell pro Max Micro Fcm2250
Dell pro Max Slim Fcs1250
Dell pro Max Tower T2 Fct2250
Dell pro Micro/micro Plus Qcm1250/qbm1250
Dell pro Micro / Qcm1255
Dell pro Rugged 13 Ra13250
Dell pro Rugged 14 Rb14250
Dell pro Slim / Qcs1255
Dell pro Slim Essential Qvs1260
Dell pro Slim Plus Qbs1250/dell Pro Slim Qcs1250
Dell pro Tower / Qct1255
Dell pro Tower Essential Qvt1260
Dell pro Tower Plus Qbt1250/dell Pro Tower Qct1250
Dell slim Ecs1250
Dell tower Ect1250
Dell tower Plus Ebt2250

Fri, 17 Apr 2026 03:45:00 +0000

Type Values Removed Values Added
Title Weak Password Recovery Mechanism in Dell Client Platform BIOS Allows Physical Access Attack

Thu, 16 Apr 2026 18:15:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}


Thu, 16 Apr 2026 16:30:00 +0000

Type Values Removed Values Added
Description Dell Client Platform BIOS contains a Weak Password Recovery Mechanism vulnerability. An unauthenticated attacker with physical access to the system could potentially exploit this vulnerability, leading to unauthorized access.
Weaknesses CWE-640
References
Metrics cvssV3_1

{'score': 5.1, 'vector': 'CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:L'}


MITRE

Status: PUBLISHED

Assigner: dell

Published: 2026-04-16T16:05:32.561Z

Updated: 2026-04-16T18:32:52.672Z

Reserved: 2025-04-15T21:30:44.885Z

Link: CVE-2025-36579

Vulnrichment

Updated: 2026-04-16T17:16:21.652Z

NVD

Status: Awaiting Analysis

Published: 2026-04-16T17:16:54.073

Modified: 2026-04-17T15:14:05.510

Link: CVE-2025-36579

Redhat

No data.