DSA-2020-058: Dell/Alienware Digital Delivery Security Update for an Incorrect Default Permissions Vulnerability
概要: Dell Digital Delivery versions prior to 3.5.2015 contain an incorrect default permissions vulnerability.
この記事は次に適用されます:
この記事は次には適用されません:
この記事は、特定の製品に関連付けられていません。
すべての製品パージョンがこの記事に記載されているわけではありません。
影響
High
詳細
-
- Incorrect Default Permissions Vulnerability
CVE-2020-5342
Dell Digital Delivery versions prior to 3.5.2015 contain an incorrect default permissions vulnerability. A locally authenticated low-privileged malicious user could exploit this vulnerability to run an arbitrary executable with administrative privileges on the affected system.
7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Dell Digital Delivery versions prior to 3.5.2015 contain an incorrect default permissions vulnerability. A locally authenticated low-privileged malicious user could exploit this vulnerability to run an arbitrary executable with administrative privileges on the affected system.
7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
- Incorrect Default Permissions Vulnerability
CVE-2020-5342
Dell Digital Delivery versions prior to 3.5.2015 contain an incorrect default permissions vulnerability. A locally authenticated low-privileged malicious user could exploit this vulnerability to run an arbitrary executable with administrative privileges on the affected system.
7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Dell Digital Delivery versions prior to 3.5.2015 contain an incorrect default permissions vulnerability. A locally authenticated low-privileged malicious user could exploit this vulnerability to run an arbitrary executable with administrative privileges on the affected system.
7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
影響を受ける製品と修復
Affected products:
Dell Digital Delivery versions prior to 3.5.2015
Alienware Digital Delivery versions prior to 3.5.2015
Remediation:
The following Dell/Alienware Digital Delivery releases contain a resolution to these vulnerabilities:
- Dell Digital Delivery versions 3.5.2015 and later
- Alienware Digital Delivery versions 3.5.2015 and later
Dell recommends all customers upgrade at the earliest opportunity.
Please visit the Dell Support Drivers and Downloads site for updates on the applicable products.
Affected products:
Dell Digital Delivery versions prior to 3.5.2015
Alienware Digital Delivery versions prior to 3.5.2015
Remediation:
The following Dell/Alienware Digital Delivery releases contain a resolution to these vulnerabilities:
- Dell Digital Delivery versions 3.5.2015 and later
- Alienware Digital Delivery versions 3.5.2015 and later
Dell recommends all customers upgrade at the earliest opportunity.
Please visit the Dell Support Drivers and Downloads site for updates on the applicable products.
回避策と緩和策
None
確認
Dell would like to thank Nuttakorn Tungpoonsup of Secure D Center Research Team, Secure D Center Co.,Ltd., Ammarit Thongthua of Secure D Center Research Team, Secure D Center Co.,Ltd., and Sittikorn Sangrattanapitak for reporting this vulnerability.
関連情報
法的免責事項
対象製品
Alienware Update文書のプロパティ
文書番号: 000128920
文書の種類: Dell Security Advisory
最終更新: 18 8月 2025
質問に対する他のDellユーザーからの回答を見つける
サポート サービス
お使いのデバイスがサポート サービスの対象かどうかを確認してください。