DSA-2022-074: Dell Command | Update and Dell Update, and Alienware Update Security Update for a Local Privilege Escalation Vulnerability

Résumé: Dell Command | Update and Dell Update, and Alienware Update remediation is available for a Local Privilege Escalation Vulnerability that may be exploited by malicious users to compromise the affected system. ...

Cet article concerne Cet article ne concerne pas Cet article n’est associé à aucun produit spécifique. Toutes les versions du produit ne sont pas identifiées dans cet article.

Impact

High

Détails

Proprietary Code CVEs Description CVSS Base Score CVSS Vector String
CVE-2022-24426 Dell Command | Update, Dell Update, and Alienware Update version 4.4.0 contains a Local Privilege Escalation Vulnerability in the Advanced Driver Restore component. A local malicious user may potentially exploit this vulnerability, leading to privilege escalation. 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Proprietary Code CVEs Description CVSS Base Score CVSS Vector String
CVE-2022-24426 Dell Command | Update, Dell Update, and Alienware Update version 4.4.0 contains a Local Privilege Escalation Vulnerability in the Advanced Driver Restore component. A local malicious user may potentially exploit this vulnerability, leading to privilege escalation. 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Dell Technologies recommande à tous les clients de prendre en compte à la fois le score de base CVSS et les scores temporels et environnementaux pertinents qui peuvent avoir un impact sur la gravité potentielle associée à une faille de sécurité donnée.

Produits concernés et mesure corrective

Product Affected Versions Updated Versions Link to Update
Dell Command | Update
 
4.4.0
 
4.5.0
 
Universal Windows Platform version for Windows 10, 32 and 64 bit
Dell Command | Update Application for Windows 10 | Driver Details | Dell US
Windows 32 and 64-bit version for Microsoft Windows 7, 8, 8.1, and 10
Dell Command | Update Application | Driver Details | Dell US
Dell Update and
Alienware Update
4.4.0
 
4.5.0
 
Universal Windows Platform version for Windows 10, 32 and 64 bit
Dell Update/Alienware Update Application for Windows 10 | Driver Details | Dell US
Windows 32 and 64-bit version for Microsoft Windows 7, 8, 8.1, and 10
Dell Update/Alienware Update Application | Driver Details | Dell US
Product Affected Versions Updated Versions Link to Update
Dell Command | Update
 
4.4.0
 
4.5.0
 
Universal Windows Platform version for Windows 10, 32 and 64 bit
Dell Command | Update Application for Windows 10 | Driver Details | Dell US
Windows 32 and 64-bit version for Microsoft Windows 7, 8, 8.1, and 10
Dell Command | Update Application | Driver Details | Dell US
Dell Update and
Alienware Update
4.4.0
 
4.5.0
 
Universal Windows Platform version for Windows 10, 32 and 64 bit
Dell Update/Alienware Update Application for Windows 10 | Driver Details | Dell US
Windows 32 and 64-bit version for Microsoft Windows 7, 8, 8.1, and 10
Dell Update/Alienware Update Application | Driver Details | Dell US

Historique des révisions

RevisionDateDescription
1.02022-03-25Initial Release
1.12022-05-20CVE Description correction: only version 4.4.0 is affected

Remerciements

Dell would like to thank Alexander Pudwill for reporting this issue.
 

Informations connexes

Produits concernés

Alienware Update, Dell Command | Update, Dell Update, Product Security Information
Propriétés de l’article
Numéro d’article: 000197723
Type d’article: Dell Security Advisory
Dernière modification: 18 sept. 2025
Trouvez des réponses à vos questions auprès d’autres utilisateurs Dell
Services de support
Vérifiez si votre appareil est couvert par les services de support.