DSA-2023-170: Dell Command | Update, Dell Update, and Alienware Update Security Update for an Insecure Operation on Windows Junction / Mount Point vulnerability
Summary: Dell Command | Update, Dell Update, and Alienware Update remediation is available for an Insecure Operation on Windows Junction / Mount Point vulnerability that could be exploited by malicious users to compromise the affected system. ...
Ez a cikk a következő(k)re vonatkozik:
Ez a cikk nem vonatkozik a következő(k)re:
Ez a cikk nem kapcsolódik egyetlen konkrét termékhez sem.
Ez a cikk nem azonosítja az összes termékverziót.
Impact
Medium
Details
| Proprietary Code CVE(s) | Description | CVSS Base Score | CVSS Vector String |
| CVE-2023-28071 | Dell Command | Update, Dell Update, and Alienware Update versions 4.9.0, A01 and prior contain an Insecure Operation on Windows Junction / Mount Point vulnerability. A local malicious user could potentially exploit this vulnerability to create arbitrary folder leading to permanent Denial of Service (DOS). |
6.3 | CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:H |
| Proprietary Code CVE(s) | Description | CVSS Base Score | CVSS Vector String |
| CVE-2023-28071 | Dell Command | Update, Dell Update, and Alienware Update versions 4.9.0, A01 and prior contain an Insecure Operation on Windows Junction / Mount Point vulnerability. A local malicious user could potentially exploit this vulnerability to create arbitrary folder leading to permanent Denial of Service (DOS). |
6.3 | CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:H |
Érintett termékek és helyreállítás
| Product | Software/Firmware | Affected Versions | Remediated Versions | Release Date (MM-DD-YYY) / Expected Release | Update link |
| Dell Command | Update | SW | 4.9.0, A01 and Prior | 4.9.0, A02 | 6/13/2023 | Universal Windows Platform version for Windows 10 32-bit and 64-bit https://www.dell.com/support/home/drivers/DriversDetails?driverId=J6PNP |
| Windows 32 and 64-bit version for Microsoft Windows 10 https://www.dell.com/support/home/drivers/DriversDetails?driverId=30F6M |
|||||
| Dell Update / Alienware Update |
SW | 4.9.0, A01 and Prior | 4.9.0, A02 | 6/13/2023 | Universal Windows Platform version for Windows 10 32-bit and 64-bit https://www.dell.com/support/home/en-us/drivers/DriversDetails?driverId=HF46K |
| Product | Software/Firmware | Affected Versions | Remediated Versions | Release Date (MM-DD-YYY) / Expected Release | Update link |
| Dell Command | Update | SW | 4.9.0, A01 and Prior | 4.9.0, A02 | 6/13/2023 | Universal Windows Platform version for Windows 10 32-bit and 64-bit https://www.dell.com/support/home/drivers/DriversDetails?driverId=J6PNP |
| Windows 32 and 64-bit version for Microsoft Windows 10 https://www.dell.com/support/home/drivers/DriversDetails?driverId=30F6M |
|||||
| Dell Update / Alienware Update |
SW | 4.9.0, A01 and Prior | 4.9.0, A02 | 6/13/2023 | Universal Windows Platform version for Windows 10 32-bit and 64-bit https://www.dell.com/support/home/en-us/drivers/DriversDetails?driverId=HF46K |
Revision History
| Revision | Date | Description |
| 1 | 2023-06-13 | Initial Release |
Acknowledgements
CVE-2023-28071: Dell Technologies would like to thank ycdxsb for reporting this issue.
Related Information
Jogi nyilatkozat
Érintett termékek
Alienware Update, Dell Command | Update, Dell UpdateTermék tulajdonságai
Article Number: 000213546
Article Type: Dell Security Advisory
Utoljára módosítva: 13 jún. 2023
Választ kaphat kérdéseire más Dell-felhasználóktól
Támogatási szolgáltatások
Ellenőrizze, hogy a készüléke rendelkezik-e támogatási szolgáltatással.