CVE-2025-36579 MEDIUM

CVE-2025-36579

Vendor Dell
Product Dell Pro 14 Essential PV14250
Weakness CWE-640 · Weak password recovery
Published April 16, 2026
Last update May 27, 2026

CVSS base score

5.1/10
Attack vector Physical
Attack complexity Low
Privileges required None
User interaction None
Confidentiality Low
Integrity Low

CVSS vector

CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:L

What the vulnerability does

01Description

Dell Client Platform BIOS contains a Weak Password Recovery Mechanism vulnerability. An unauthenticated attacker with physical access to the system could potentially exploit this vulnerability, leading to unauthorized access.

Key dates

02Disclosure timeline

April 16, 2026 CVE published
May 27, 2026 Record updated