Ir al contenido principal
  • Realice pedidos rápida y fácilmente.
  • Vea los pedidos y haga el seguimiento del estado del envío.
  • Cree una lista de sus productos y acceda a ella
  • Gestione sus sitios, productos y contactos a nivel de producto de Dell EMC con la administración de empresa.

Número de artículo: 000209461


DSA-2023-074: Dell Trusted Device Agent Security Update for an Improper Installation Permissions Vulnerability

Resumen: Dell Trusted Device Agent remediation is available for an improper installation permissions vulnerability that could be exploited by malicious users to compromise the affected system.

Contenido del artículo


Impacto

High

Detalles

Proprietary Code CVE(s) Description CVSS Base Score CVSS Vector String
CVE-2023-25542 Dell Trusted Device Agent, versions prior to 5.3.0, contain(s) an improper installation permissions vulnerability. An unauthenticated local attacker could potentially exploit this vulnerability, leading to escalated privileges. 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:HThis hyperlink is taking you to a website outside of Dell Technologies.
Proprietary Code CVE(s) Description CVSS Base Score CVSS Vector String
CVE-2023-25542 Dell Trusted Device Agent, versions prior to 5.3.0, contain(s) an improper installation permissions vulnerability. An unauthenticated local attacker could potentially exploit this vulnerability, leading to escalated privileges. 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:HThis hyperlink is taking you to a website outside of Dell Technologies.
Dell Technologies recomienda que todos los clientes tengan en cuenta la puntuación base CVSS y las puntuaciones temporales o de entorno relevantes que puedan afectar a la posible gravedad asociada a una determinada vulnerabilidad de seguridad.

Productos afectados y corrección

CVE(s) Addressed Product Affected Version(s) Updated Version(s) Link to Update
CVE-2023-25542 Dell Trusted Device Agent Versions prior to 5.3.0
 
5.3.0 https://www.dell.com/support/home/product-support/product/trusted-device/drivers
CVE(s) Addressed Product Affected Version(s) Updated Version(s) Link to Update
CVE-2023-25542 Dell Trusted Device Agent Versions prior to 5.3.0
 
5.3.0 https://www.dell.com/support/home/product-support/product/trusted-device/drivers

Soluciones alternativas y mitigaciones

Uninstall and re-install Dell Trusted Device Agent with default settings.

Agradecimientos

CVE-2023-25542: Dell Technologies would like to thank Marius Gabriel Mihai for reporting this issue.

Historial de revisiones

RevisionDateDescription
1.02023-04-04Initial Release

Información relacionada


Propiedades del artículo


Producto afectado

Product Security Information, Trusted Device

Fecha de la última publicación

04 abr 2023

Versión

1

Tipo de artículo

Dell Security Advisory