DSA-2022-254: Dell System Update (DSU) Security Update for a Self-Signed Certificate Vulnerability

Summary: Dell System Update (DSU) remediation is available for a self-signed certificate vulnerability that could be exploited by malicious users to compromise the affected system.

Bu makale şunlar için geçerlidir: Bu makale şunlar için geçerli değildir: Bu makale, belirli bir ürüne bağlı değildir. Bu makalede tüm ürün sürümleri tanımlanmamıştır.
Diğer kaynaklara göz atın

Impact

Medium

Details

Proprietary Code CVE Description CVSS Base Score CVSS Vector String
CVE-2022-34404 Dell System Update, version 2.0.0 and earlier, contains an Improper Certificate Validation in data parser module. A local attacker with high privileges could potentially exploit this vulnerability, leading to credential theft and/or denial of service. 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
Proprietary Code CVE Description CVSS Base Score CVSS Vector String
CVE-2022-34404 Dell System Update, version 2.0.0 and earlier, contains an Improper Certificate Validation in data parser module. A local attacker with high privileges could potentially exploit this vulnerability, leading to credential theft and/or denial of service. 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
Dell Technologies recommends all customers consider both the CVSS base score and any relevant temporal and environmental scores that may impact the potential severity associated with a particular security vulnerability.

Etkilenen Ürünler ve Düzeltme

CVE(s) Addressed Product Affected Version(s) Updated Version(s) Link to Update
CVE-2022-34404 DSU
 		 Versions prior to 2.0.1.0
 		 2.0.1.0 or later https://www.dell.com/support/product-details/product/system-update/drivers
CVE(s) Addressed Product Affected Version(s) Updated Version(s) Link to Update
CVE-2022-34404 DSU
 		 Versions prior to 2.0.1.0
 		 2.0.1.0 or later https://www.dell.com/support/product-details/product/system-update/drivers

Geçici Çözümler ve Risk Azaltma

None.

Revision History

RevisionDateDescription
1.02022-09-26Initial Release

Related Information

Dell Security Advisories and Notices
Dell Vulnerability Response Policy
CVSS Scoring Guide

Yasal Uyarı

Etkilenen Ürünler

Dell System Update v1.3, Dell System update v1.3.1, Dell System Update v1.1, Dell System Update v1.2, Product Security Information, Dell System update v1.4.0
Makale Özellikleri
Article Number: 000203733
Article Type: Dell Security Advisory
Son Değiştirme: 17 Şub 2025
Sorularınıza diğer Dell kullanıcılarından yanıtlar bulun
Destek Hizmetleri
Aygıtınızın Destek Hizmetleri kapsamında olup olmadığını kontrol edin.