DSA-2022-217: Dell Command | Update and Dell Update/Alienware Update Security Update for a Local Privilege Escalation Vulnerability
Summary: Dell Command | Update and Dell Update/Alienware Update remediation is available for a Local Privilege Escalation Vulnerability that may be exploited by malicious users to compromise the affected system. ...
This article applies to
This article does not apply to
This article is not tied to any specific product.
Not all product versions are identified in this article.
Impact
High
Details
| Proprietary Code CVE | Description | CVSS Base Score | CVSS Vector String |
| CVE-2022-34382 | Dell Command | Update and Dell Update/Alienware Update versions before 4.6.0 contains a Local Privilege Escalation Vulnerability in the custom catalog configuration. A local malicious user may potentially exploit this vulnerability in order to elevate their privileges. | 7.8 | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |
| Proprietary Code CVE | Description | CVSS Base Score | CVSS Vector String |
| CVE-2022-34382 | Dell Command | Update and Dell Update/Alienware Update versions before 4.6.0 contains a Local Privilege Escalation Vulnerability in the custom catalog configuration. A local malicious user may potentially exploit this vulnerability in order to elevate their privileges. | 7.8 | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |
Affected Products & Remediation
| Product | Affected Versions | Updated Versions | Link to Update |
| Dell Command | Update | Versions before 4.6.0 | 4.6.0 | Universal Windows Platform version for Windows 10 32 and 64 bit Dell Command | Update Application for Windows 10 | Driver Details | Dell US Windows 32 and 64-bit version for Microsoft Windows 7, 8, 8.1, and 10 Dell Command | Update Application | Driver Details | Dell US |
| Dell Update/Alienware Update | Versions before 4.6.0 | 4.6.0 | Universal Windows Platform version for Windows 10 32 and 64 bit Dell Update/Alienware Update Application for Windows 10 | Driver Details | Dell US Windows 32 and 64-bit version for Microsoft Windows 7, 8, 8.1, and 10 Dell Update/Alienware Update Application | Driver Details | Dell US |
| Product | Affected Versions | Updated Versions | Link to Update |
| Dell Command | Update | Versions before 4.6.0 | 4.6.0 | Universal Windows Platform version for Windows 10 32 and 64 bit Dell Command | Update Application for Windows 10 | Driver Details | Dell US Windows 32 and 64-bit version for Microsoft Windows 7, 8, 8.1, and 10 Dell Command | Update Application | Driver Details | Dell US |
| Dell Update/Alienware Update | Versions before 4.6.0 | 4.6.0 | Universal Windows Platform version for Windows 10 32 and 64 bit Dell Update/Alienware Update Application for Windows 10 | Driver Details | Dell US Windows 32 and 64-bit version for Microsoft Windows 7, 8, 8.1, and 10 Dell Update/Alienware Update Application | Driver Details | Dell US |
Revision History
| Revision | Date | Description |
| 1.0 | 2022-08-08 | Initial Release |
| 1.1 | 2022-09-22 | Updated Link to Update |
Acknowledgements
Dell would like to thank Alexander Pudwill for reporting this issue.
Related Information
Legal Disclaimer
Affected Products
Alienware Update, Dell Command | Update, Product Security InformationArticle Properties
Article Number: 000202198
Article Type: Dell Security Advisory
Last Modified: 08 Jun 2023
Find answers to your questions from other Dell users
Support Services
Check if your device is covered by Support Services.