CVE-2023-39254

Dell Update Package (DUP), Versions prior to 4.9.10 contain an Uncontrolled Search Path vulnerability. A malicious user with local access to the system could potentially exploit this vulnerability to run arbitrary code as admin.
Configurations

No configuration.

History

21 Nov 2024, 08:15

Type Values Removed Values Added
Summary
  • (es) Dell Update Package (DUP), versiones anteriores a la 4.9.10, contienen una vulnerabilidad de ruta de búsqueda no controlada. Un usuario malintencionado con acceso local al sistema podría explotar esta vulnerabilidad para ejecutar código arbitrario como administrador.
References () https://www.dell.com/support/kbdoc/en-us/000217701/dsa-2023-338-security-update-for-a-dell-update-package-dup-framework-vulnerability - () https://www.dell.com/support/kbdoc/en-us/000217701/dsa-2023-338-security-update-for-a-dell-update-package-dup-framework-vulnerability -

01 Mar 2024, 13:15

Type Values Removed Values Added
New CVE

Information

Published : 2024-03-01 13:15

Updated : 2024-11-21 08:15


NVD link : CVE-2023-39254

Mitre link : CVE-2023-39254

CVE.ORG link : CVE-2023-39254


JSON object : View

Products Affected

No product.

CWE
CWE-427

Uncontrolled Search Path Element