DSA-2022-217: Dell Command | Update and Dell Update/Alienware Update Security Update for a Local Privilege Escalation Vulnerability
摘要: Dell Command | Update and Dell Update/Alienware Update remediation is available for a Local Privilege Escalation Vulnerability that may be exploited by malicious users to compromise the affected system. ...
本文适用于
本文不适用于
本文并非针对某种特定的产品。
本文并非包含所有产品版本。
影响
High
详情
| Proprietary Code CVE | Description | CVSS Base Score | CVSS Vector String |
| CVE-2022-34382 | Dell Command | Update and Dell Update/Alienware Update versions before 4.6.0 contains a Local Privilege Escalation Vulnerability in the custom catalog configuration. A local malicious user may potentially exploit this vulnerability in order to elevate their privileges. | 7.8 | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |
| Proprietary Code CVE | Description | CVSS Base Score | CVSS Vector String |
| CVE-2022-34382 | Dell Command | Update and Dell Update/Alienware Update versions before 4.6.0 contains a Local Privilege Escalation Vulnerability in the custom catalog configuration. A local malicious user may potentially exploit this vulnerability in order to elevate their privileges. | 7.8 | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |
受影响的产品和补救措施
| Product | Affected Versions | Updated Versions | Link to Update |
| Dell Command | Update | Versions before 4.6.0 | 4.6.0 | Universal Windows Platform version for Windows 10 32 and 64 bit Dell Command | Update Application for Windows 10 | Driver Details | Dell US Windows 32 and 64-bit version for Microsoft Windows 7, 8, 8.1, and 10 Dell Command | Update Application | Driver Details | Dell US |
| Dell Update/Alienware Update | Versions before 4.6.0 | 4.6.0 | Universal Windows Platform version for Windows 10 32 and 64 bit Dell Update/Alienware Update Application for Windows 10 | Driver Details | Dell US Windows 32 and 64-bit version for Microsoft Windows 7, 8, 8.1, and 10 Dell Update/Alienware Update Application | Driver Details | Dell US |
| Product | Affected Versions | Updated Versions | Link to Update |
| Dell Command | Update | Versions before 4.6.0 | 4.6.0 | Universal Windows Platform version for Windows 10 32 and 64 bit Dell Command | Update Application for Windows 10 | Driver Details | Dell US Windows 32 and 64-bit version for Microsoft Windows 7, 8, 8.1, and 10 Dell Command | Update Application | Driver Details | Dell US |
| Dell Update/Alienware Update | Versions before 4.6.0 | 4.6.0 | Universal Windows Platform version for Windows 10 32 and 64 bit Dell Update/Alienware Update Application for Windows 10 | Driver Details | Dell US Windows 32 and 64-bit version for Microsoft Windows 7, 8, 8.1, and 10 Dell Update/Alienware Update Application | Driver Details | Dell US |
修订历史记录
| Revision | Date | Description |
| 1.0 | 2022-08-08 | Initial Release |
| 1.1 | 2022-09-22 | Updated Link to Update |
确认
Dell would like to thank Alexander Pudwill for reporting this issue.
相关信息
法律免责声明
受影响的产品
Alienware Update, Dell Command | Update, Product Security Information文章属性
文章编号: 000202198
文章类型: Dell Security Advisory
上次修改时间: 08 6月 2023
从其他戴尔用户那里查找问题的答案
支持服务
检查您的设备是否在支持服务涵盖的范围内。