Skip to main content
  • Place orders quickly and easily
  • View orders and track your shipping status
  • Enjoy members-only rewards and discounts
  • Create and access a list of your products
  • Manage your Dell EMC sites, products, and product-level contacts using Company Administration.

Article Number: 000212982


DSA-2023-158: Security Update for a Dell Alienware Command Center Vulnerability

Summary: Dell Alienware Command Center remediation is available for a deserialization of untrusted data vulnerability that could be exploited by malicious users to compromise the affected system. ...

Article Content


Impact

High

Details

Proprietary Code CVEs Description CVSS Base Score CVSS Vector String
CVE-2023-28072 Dell Alienware Command Center, versions prior to 5.5.51.0, contain a deserialization of untrusted data vulnerability. A local malicious user could potentially send specially crafted requests to the .NET Remoting server to run arbitrary code on the system. 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:HThis hyperlink is taking you to a website outside of Dell Technologies.
See NVD (https://nvd.nist.gov/This hyperlink is taking you to a website outside of Dell Technologies.) for additional details.
Proprietary Code CVEs Description CVSS Base Score CVSS Vector String
CVE-2023-28072 Dell Alienware Command Center, versions prior to 5.5.51.0, contain a deserialization of untrusted data vulnerability. A local malicious user could potentially send specially crafted requests to the .NET Remoting server to run arbitrary code on the system. 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:HThis hyperlink is taking you to a website outside of Dell Technologies.
See NVD (https://nvd.nist.gov/This hyperlink is taking you to a website outside of Dell Technologies.) for additional details.
Dell Technologies recommends all customers consider both the CVSS base score and any relevant temporal and environmental scores that may impact the potential severity associated with a particular security vulnerability.

Affected Products and Remediation

Product Software/Firmware Affected Versions Remediated Versions Link
Alienware Command Center (AWCC) Software Versions prior to 5.5.51.0 Version 5.5.51.0 or later Alienware Command Center for Windows 11 and Windows 10 64-bit

Alienware Command Center Application
Product Software/Firmware Affected Versions Remediated Versions Link
Alienware Command Center (AWCC) Software Versions prior to 5.5.51.0 Version 5.5.51.0 or later Alienware Command Center for Windows 11 and Windows 10 64-bit

Alienware Command Center Application

Acknowledgements

Dell Technologies would like to thank Matt Hand for reporting this issue.
 

Revision History

RevisionDateDescription
1.02023-08-30Initial Release
2.02023-08-30Corrected CVSS score link
3.02023-09-01Corrected Acknowledgements section

Related Information

Dell Security Advisories and Notices
Dell Vulnerability Response Policy
CVSS Scoring Guide


Article Properties


Affected Product

Alienware Command Center

Last Published Date

01 Sept 2023

Version

3

Article Type

Dell Security Advisory