CVE-2026-40639

5.7 MEDIUM

Dell Client Platform BIOS contains a Weak Encoding for Password vulnerability

Published: 2026-06-09 · Last updated: 2026-06-09

Severity and scoring

CVSS: 5.7 MEDIUM
Vector: CVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N
CWE: CWE-261

Description

Dell Client Platform BIOS contains a Weak Encoding for Password vulnerability. An unauthenticated attacker with physical access could potentially exploit this vulnerability, leading to Elevation of Privileges.

Source: NVD

References

[NVD]https://nvd.nist.gov/vuln/detail/CVE-2026-40639
[Other]https://www.dell.com/support/kbdoc/en-us/000453482/dsa-2026-197

Related CVEs

Same CWE

CVE-2025-11500 — Tinycontrol devices such as tcPDU and LAN Controllers LK3.5, LK3.9 and LK4 have two separate authentication mechanisms - one solely for i...