DSA-2020-059: Dell OS Recovery Image Insecure Inherited Permissions Vulnerability
Summary: Dell Windows 10 recovery images require an update to address an insecure inherited permissions vulnerability.
This article applies to
This article does not apply to
This article is not tied to any specific product.
Not all product versions are identified in this article.
Impact
High
Details
- Insecure Inherited Permissions Vulnerability
CVE-2020-5343
Dell Client platforms restored using a Dell OS recovery image downloaded before December 20, 2019, may contain an insecure inherited permissions vulnerability. A local authenticated malicious user with low privileges could exploit this vulnerability to gain unauthorized access on the root folder.
CVSS Base Score: 7.3 (AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H)
Dell Client platforms restored using a Dell OS recovery image downloaded before December 20, 2019, may contain an insecure inherited permissions vulnerability. A local authenticated malicious user with low privileges could exploit this vulnerability to gain unauthorized access on the root folder.
CVSS Base Score: 7.3 (AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H)
- Insecure Inherited Permissions Vulnerability
CVE-2020-5343
Dell Client platforms restored using a Dell OS recovery image downloaded before December 20, 2019, may contain an insecure inherited permissions vulnerability. A local authenticated malicious user with low privileges could exploit this vulnerability to gain unauthorized access on the root folder.
CVSS Base Score: 7.3 (AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H)
Dell Client platforms restored using a Dell OS recovery image downloaded before December 20, 2019, may contain an insecure inherited permissions vulnerability. A local authenticated malicious user with low privileges could exploit this vulnerability to gain unauthorized access on the root folder.
CVSS Base Score: 7.3 (AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H)
Affected Products & Remediation
Affected products:
Dell Client platforms licensed for Microsoft Windows 10 restored using a Dell OS recovery image for Microsoft Windows 10 that was downloaded before December 20, 2019.
Remediation:
Dell OS recovery images released December 20, 2019 and later have been updated to remediate this vulnerability.
Customers who used a Dell OS recovery image for Microsoft Windows 10, downloaded before December 20, 2019, should install the Critical Update labeled as "Dell Security Advisory DSA-2020-059" using one of the following Dell Download Notification Applications:
- Dell Update 3.1 or later
- Dell Command Update 3.1 or later
- Dell SupportAssist 3.4.1 or later
Installation of this update will remediate this vulnerability on affected systems without further user interaction.
Dell recommends that customers follow security best practices for malware protection and use security software to help protect against malware (e.g., advanced threat prevention software or anti-virus).
Affected products:
Dell Client platforms licensed for Microsoft Windows 10 restored using a Dell OS recovery image for Microsoft Windows 10 that was downloaded before December 20, 2019.
Remediation:
Dell OS recovery images released December 20, 2019 and later have been updated to remediate this vulnerability.
Customers who used a Dell OS recovery image for Microsoft Windows 10, downloaded before December 20, 2019, should install the Critical Update labeled as "Dell Security Advisory DSA-2020-059" using one of the following Dell Download Notification Applications:
- Dell Update 3.1 or later
- Dell Command Update 3.1 or later
- Dell SupportAssist 3.4.1 or later
Installation of this update will remediate this vulnerability on affected systems without further user interaction.
Dell recommends that customers follow security best practices for malware protection and use security software to help protect against malware (e.g., advanced threat prevention software or anti-virus).
Related Information
Legal Disclaimer
Affected Products
Product Security InformationArticle Properties
Article Number: 000133578
Article Type: Dell Security Advisory
Last Modified: 18 Aug 2025
Find answers to your questions from other Dell users
Support Services
Check if your device is covered by Support Services.