PatchSiren cyber security CVE debrief
CVE-2026-40639 Dell CVE debrief
CVE-2026-40639 is a MEDIUM-severity vulnerability in Dell Client Platform BIOS, with a CVSS score of 5.7. It involves Weak Encoding for Password, allowing an unauthenticated attacker with physical access to potentially exploit the vulnerability, leading to Elevation of Privileges.
- Vendor
- Dell
- Product
- Dell Edge Gateway 3000
- CVSS
- MEDIUM 5.7
- CISA KEV
- Not listed in stored evidence
- Original CVE published
- 2026-06-09
- Original CVE updated
- 2026-06-09
- Advisory published
- 2026-06-09
- Advisory updated
- 2026-06-09
Who should care
Administrators and users of Dell Client Platform BIOS should be aware of this vulnerability and take necessary actions to mitigate it.
Technical summary
The vulnerability exists in the Dell Client Platform BIOS due to weak encoding for passwords. An unauthenticated attacker with physical access could potentially exploit this vulnerability, leading to Elevation of Privileges.
Defensive priority
MEDIUM
Recommended defensive actions
- Apply the necessary patches or updates provided by Dell to fix the vulnerability.
- Restrict physical access to the affected systems to prevent unauthorized exploitation.
Evidence notes
The CVE record was published on 2026-06-09T19:17:53.043Z and modified on 2026-06-09T19:30:24.713Z. The vulnerability is tracked under CWE-261.
Official resources
-
CVE-2026-40639 CVE record
CVE.org
-
CVE-2026-40639 NVD detail
NVD
-
Source item URL
nvd_modified
- Source reference
CVE-2026-40639 was published on 2026-06-09T19:17:53.043Z.