Dell Client Platform BIOS: Unauthenticated Access via Weak Password Recovery

Monitor vulnerabilities like this one. Sign up free to get alerted when software you use is affected.

5.1

Dell Client Platform BIOS: Unauthenticated Access via Weak Password Recovery

CVE-2025-36579

Summary

If an attacker has physical access to a Dell computer, they may be able to bypass the password protection and gain unauthorized access to the system. This is a concern because it means someone could potentially access sensitive data or disrupt the computer's operation. Dell recommends updating the BIOS to a fixed version to mitigate this issue.

Original title

Dell Client Platform BIOS contains a Weak Password Recovery Mechanism vulnerability. An unauthenticated attacker with physical access to the system could potentially exploit this vulnerability, lea...

Original description

nvd CVSS3.1 5.1

Vulnerability type

CWE-640

https://www.dell.com/support/kbdoc/en-us/000300450/dsa-2025-153

Published: 16 Apr 2026 · Updated: 17 Apr 2026 · First seen: 16 Apr 2026