Vulnerability in Dell 14 Plus 2-in-1 Db04250
CVE-2026-35159
Dell Client Platform BIOS contains an Authentication Bypass by Primary Weakness vulnerability. An unauthenticated attacker with physical access could potentially exploit this vulnerability, leading to Information Disclosure.
CVSS v3 metric
CVSS v3 base score 5.3 (Medium). Vector: CVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:U/C:L/I:H/A:L.
Affected products
- Dell 14 Plus 2-in-1 Db04250 — versions 0
- Dell 14 Plus Db14250 — versions 0
- Dell 15 Dc15250 — versions 0
- Dell 16 Plus 2-in-1 Db06250 — versions 0
- Dell 16 Plus Db16250 — versions 0
- Dell 24 All-in-one Ec24250 — versions 0
- Dell 27 All-in-one Ec27250 — versions 0
- Dell Alienware 16 Area-51 Aa16250 — versions 0
- Dell Alienware 16 Aurora Ac16250 — versions 0
- Dell Alienware 16x Aurora Ac16251 — versions 0
Weakness classification (CWE)
References
- security_alert@emc.com (vendor-advisory)
Frequently asked questions
- What is CVE-2026-35159?
- CVE-2026-35159 is a medium-severity vulnerability in Dell 14 Plus 2-in-1 Db04250, classified under Authentication Bypass by Primary Weakness. CVSS score: 5.3/10. Published 2026-07-03.
- How severe is CVE-2026-35159?
- Medium severity. CVSS v3 base score is 5.3 out of 10.