Headline
CVE-2023-24569: DSA-2023-044: Dell Alienware Command Center Security Update for a Local Privilege Escalation Vulnerability
Dell Alienware Command Center versions 5.5.37.0 and prior contain an Improper Input validation vulnerability. A local authenticated malicious user could potentially send malicious input to a named pipe in order to elevate privileges on the system.
Vaikutus
High
Tiedot
Proprietary Code CVEs
Description
More Information
CVE-2023-24569
Dell Alienware Command Center versions 5.5.37.0 and prior contain an Improper Input validation vulnerability. A local authenticated malicious user could potentially send malicious input to a named pipe in order to elevate privileges on the system.
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
See NVD (http://nvd.nist.gov/ ) for additional details.
Proprietary Code CVEs
Description
More Information
CVE-2023-24569
Dell Alienware Command Center versions 5.5.37.0 and prior contain an Improper Input validation vulnerability. A local authenticated malicious user could potentially send malicious input to a named pipe in order to elevate privileges on the system.
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
See NVD (http://nvd.nist.gov/ ) for additional details.
Dell Technologies suosittelee, että kaikki asiakkaat ottavat huomioon sekä CVSS-peruspistemäärän että kaikki asiaankuuluvat väliaikaiset ja ympäristöön liittyvät pisteet, jotka voivat vaikuttaa tietyn tietoturvahaavoittuvuuden mahdolliseen vakavuuteen.
Tuotteet, joihin asia vaikuttaa ja tilanteen korjaaminen
Product
Affected Versions
Updated Versions
Link to Update
Alienware Command Center
Versions before 5.5.37.0
5.5.40.0
Alienware Command Center for Windows 11 and Windows 10 64-bit
Alienware Command Center Application
Alienware Command Center Application
Product
Affected Versions
Updated Versions
Link to Update
Alienware Command Center
Versions before 5.5.37.0
5.5.40.0
Alienware Command Center for Windows 11 and Windows 10 64-bit
Alienware Command Center Application
Alienware Command Center Application
Kiitokset
CVE-2023-24569: Dell Technologies would like to thank Johannes Hatting for reporting this issue.
Versiohistoria
Revision
Date
Description
1.0
2023-02-09
Initial Release
Asiaan liittyvät tiedot
Dell Security Advisories and Notices
Dell Vulnerability Response Policy
CVSS Scoring Guide
09 helmik. 2023