Dell Firmware Updates (MINDBREEZE33802)

ID: MINDBREEZE33802 
Affected Components: Mindbreeze InSpire, Mindbreeze InSpire SaaS 
Severity: 6.5 Medium 
Status: Final 
First published: April 28, 2025 
CVEs: CVE-2024-39279, CVE-2024-28047, CVE-2024-36293 

Summary 

• Insufficient granularity of access control in UEFI firmware
• Improper input validation in UEFI firmware
• Improper access control in the EDECCSSA user leaf function 

Hotfix Information 

Fixed with following versions of Mindbreeze InSpire On-Premises or Mindbreeze InSpire SaaS: 

• Mindbreeze InSpire 25.2 Release
• Mindbreeze InSpire Saas 25.2 Release