DSA-2023-170: Dell Command | Update, Dell Update, and Alienware Update Security Update for an Insecure Operation on Windows Junction / Mount Point vulnerability
Summary: Dell Command | Update, Dell Update, and Alienware Update remediation is available for an Insecure Operation on Windows Junction / Mount Point vulnerability that could be exploited by malicious users to compromise the affected system. ...
Αυτό το άρθρο ισχύει για
Αυτό το άρθρο δεν ισχύει για
Αυτό το άρθρο δεν συνδέεται με κάποιο συγκεκριμένο προϊόν.
Δεν προσδιορίζονται όλες οι εκδόσεις προϊόντων σε αυτό το άρθρο.
Impact
Medium
Details
| Proprietary Code CVE(s) | Description | CVSS Base Score | CVSS Vector String |
| CVE-2023-28071 | Dell Command | Update, Dell Update, and Alienware Update versions 4.9.0, A01 and prior contain an Insecure Operation on Windows Junction / Mount Point vulnerability. A local malicious user could potentially exploit this vulnerability to create arbitrary folder leading to permanent Denial of Service (DOS). |
6.3 | CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:H |
| Proprietary Code CVE(s) | Description | CVSS Base Score | CVSS Vector String |
| CVE-2023-28071 | Dell Command | Update, Dell Update, and Alienware Update versions 4.9.0, A01 and prior contain an Insecure Operation on Windows Junction / Mount Point vulnerability. A local malicious user could potentially exploit this vulnerability to create arbitrary folder leading to permanent Denial of Service (DOS). |
6.3 | CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:H |
Επηρεαζόμενα προϊόντα και αποκατάσταση
| Product | Software/Firmware | Affected Versions | Remediated Versions | Release Date (MM-DD-YYY) / Expected Release | Update link |
| Dell Command | Update | SW | 4.9.0, A01 and Prior | 4.9.0, A02 | 6/13/2023 | Universal Windows Platform version for Windows 10 32-bit and 64-bit https://www.dell.com/support/home/drivers/DriversDetails?driverId=J6PNP |
| Windows 32 and 64-bit version for Microsoft Windows 10 https://www.dell.com/support/home/drivers/DriversDetails?driverId=30F6M |
|||||
| Dell Update / Alienware Update |
SW | 4.9.0, A01 and Prior | 4.9.0, A02 | 6/13/2023 | Universal Windows Platform version for Windows 10 32-bit and 64-bit https://www.dell.com/support/home/en-us/drivers/DriversDetails?driverId=HF46K |
| Product | Software/Firmware | Affected Versions | Remediated Versions | Release Date (MM-DD-YYY) / Expected Release | Update link |
| Dell Command | Update | SW | 4.9.0, A01 and Prior | 4.9.0, A02 | 6/13/2023 | Universal Windows Platform version for Windows 10 32-bit and 64-bit https://www.dell.com/support/home/drivers/DriversDetails?driverId=J6PNP |
| Windows 32 and 64-bit version for Microsoft Windows 10 https://www.dell.com/support/home/drivers/DriversDetails?driverId=30F6M |
|||||
| Dell Update / Alienware Update |
SW | 4.9.0, A01 and Prior | 4.9.0, A02 | 6/13/2023 | Universal Windows Platform version for Windows 10 32-bit and 64-bit https://www.dell.com/support/home/en-us/drivers/DriversDetails?driverId=HF46K |
Revision History
| Revision | Date | Description |
| 1 | 2023-06-13 | Initial Release |
Acknowledgements
CVE-2023-28071: Dell Technologies would like to thank ycdxsb for reporting this issue.
Related Information
Νομική αποποίηση ευθύνης
Επηρεαζόμενα προϊόντα
Alienware Update, Dell Command | Update, Dell UpdateΙδιότητες άρθρου
Article Number: 000213546
Article Type: Dell Security Advisory
Τελευταία τροποποίηση: 13 Ιουν 2023
Βρείτε απαντήσεις στις ερωτήσεις σας από άλλους χρήστες της Dell
Υπηρεσίες υποστήριξης
Ελέγξτε αν η συσκευή σας καλύπτεται από τις Υπηρεσίες υποστήριξης.