DSA-2023-031: Dell Command | Update, Dell Update, and Alienware Update Security Update for a Windows Universal Application Vulnerability
Summary: Dell Command | Update, Dell Update, and Alienware Update remediation is available for a Windows Universal Application vulnerability that may be exploited by malicious users to compromise the affected systems. ...
Αυτό το άρθρο ισχύει για
Αυτό το άρθρο δεν ισχύει για
Αυτό το άρθρο δεν συνδέεται με κάποιο συγκεκριμένο προϊόν.
Δεν προσδιορίζονται όλες οι εκδόσεις προϊόντων σε αυτό το άρθρο.
Impact
Medium
Details
| Proprietary Code CVEs | Description | More Information |
| CVE-2023-23698 | Dell Command | Update, Dell Update, and Alienware Update versions before 4.6.0 and 4.7.1 contain Insecure Operation on Windows Junction in the installer component. A local malicious user may potentially exploit this vulnerability leading to arbitrary file delete. | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H  See NVD (http://nvd.nist.gov/) for additional details. |
| Proprietary Code CVEs | Description | More Information |
| CVE-2023-23698 | Dell Command | Update, Dell Update, and Alienware Update versions before 4.6.0 and 4.7.1 contain Insecure Operation on Windows Junction in the installer component. A local malicious user may potentially exploit this vulnerability leading to arbitrary file delete. | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H See NVD (http://nvd.nist.gov/) for additional details. |
Επηρεαζόμενα προϊόντα και αποκατάσταση
| Product | Affected Versions | Updated Versions | Link to Update |
| Dell Command | Update |
Versions 4.6.0 and 4.7.1 |
4.8.0 |
Universal Windows Platform version for Windows 10 32-bit and 64-bit Dell Command | Update Application for Windows 10 | Driver Details | Dell US |
| Dell Update, Alienware Update |
Versions 4.6.0 and 4.7.1 | 4.8.0 |
Universal Windows Platform version for Windows 10 32-bit and 64-bit Dell Update, Alienware Update Application for Windows 10 | Driver Details | Dell US |
| Product | Affected Versions | Updated Versions | Link to Update |
| Dell Command | Update |
Versions 4.6.0 and 4.7.1 |
4.8.0 |
Universal Windows Platform version for Windows 10 32-bit and 64-bit Dell Command | Update Application for Windows 10 | Driver Details | Dell US |
| Dell Update, Alienware Update |
Versions 4.6.0 and 4.7.1 | 4.8.0 |
Universal Windows Platform version for Windows 10 32-bit and 64-bit Dell Update, Alienware Update Application for Windows 10 | Driver Details | Dell US |
Revision History
| Revision | Date | Description |
| 1.0 | 2023-02-06 | Initial Release |
Acknowledgements
CVE-2023-23698: Dell Technologies would like to thank ycdxsb for reporting this issue.
Related Information
Νομική αποποίηση ευθύνης
Επηρεαζόμενα προϊόντα
Dell Command | Update, Product Security InformationΙδιότητες άρθρου
Article Number: 000208038
Article Type: Dell Security Advisory
Τελευταία τροποποίηση: 06 Φεβ 2023
Βρείτε απαντήσεις στις ερωτήσεις σας από άλλους χρήστες της Dell
Υπηρεσίες υποστήριξης
Ελέγξτε αν η συσκευή σας καλύπτεται από τις Υπηρεσίες υποστήριξης.