CVE-2025-29989

low-risk

Published 2025-04-10

Dell Client Platform BIOS contains a Security Version Number Mutable to Older Versions vulnerability. A high privileged attacker with local access could potentially exploit this vulnerability, leading to BIOS upgrade denial.

Do I need to act?

0.05% chance of exploitation

EPSS score — low exploit probability

Not on CISA KEV list

No confirmed active exploitation reported to CISA

Patch status unknown

Check vendor advisories for fix availability and mitigation guidance

CVSS 3.1/10 Low

LOCAL / LOW complexity

Affected Products (4)

Precision 5820 Tower Firmware

Precision 7820 Tower Firmware

Precision 7920 Tower Firmware

Precision 7865 Tower Firmware

Affected Vendors

Dell

References (1)

Vendor Advisory https://www.dell.com/support/kbdoc/en-us/000250131/dsa-2025-016

/ 100

low-risk

Severity 12/34 · Low

Exploitability 0/34 · Minimal

Exposure 10/34 · Low