DSA-2023-182: Dell Display Manager Security Update for Multiple Vulnerabilities
Samenvatting: Dell Display Manager remediation is available for multiple vulnerabilities that may be exploited by malicious users to compromise the affected system.
Dit artikel is van toepassing op
Dit artikel is niet van toepassing op
Dit artikel is niet gebonden aan een specifiek product.
Niet alle productversies worden in dit artikel vermeld.
Impact
High
Gegevens
| Proprietary Code CVE(s) | Description | CVSS Base Score | CVSS Vector String |
|---|---|---|---|
| CVE-2023-32451 | Dell Display Manager application, version 2.1.1.17, contains a vulnerability that low privilege user can execute malicious code during installation and uninstallation. | 7.3 | CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H |
| CVE-2023-32474 | Dell Display Manager application, version 2.1.1.17 and prior, contain an insecure operation on windows junction/mount point. A local malicious user could potentially exploit this vulnerability during installation leading to arbitrary folder or file deletion | 6.6 | CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:H/A:H |
| Proprietary Code CVE(s) | Description | CVSS Base Score | CVSS Vector String |
|---|---|---|---|
| CVE-2023-32451 | Dell Display Manager application, version 2.1.1.17, contains a vulnerability that low privilege user can execute malicious code during installation and uninstallation. | 7.3 | CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H |
| CVE-2023-32474 | Dell Display Manager application, version 2.1.1.17 and prior, contain an insecure operation on windows junction/mount point. A local malicious user could potentially exploit this vulnerability during installation leading to arbitrary folder or file deletion | 6.6 | CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:H/A:H |
Getroffen producten en herstel
| CVEs Addressed | Product | Software/Firmware | Affected Versions | Remediated Versions | Release Date (MM-DD-YYY) / Expected Release | Link |
|---|---|---|---|---|---|---|
| CVE-2023-32451 | Dell Display Manager | SW | Version 2.1.1.17 | 2.1.1.21 | 7/4/2023 | Support for Dell Display Manager 2.x | Drivers & Downloads |
| CVE-2023-32474 | Dell Display Manager | SW | Versions 2.1.1.17 and prior | 2.1.1.21 | 7/4/2023 | Support for Dell Display Manager 2.x | Drivers & Downloads |
| CVEs Addressed | Product | Software/Firmware | Affected Versions | Remediated Versions | Release Date (MM-DD-YYY) / Expected Release | Link |
|---|---|---|---|---|---|---|
| CVE-2023-32451 | Dell Display Manager | SW | Version 2.1.1.17 | 2.1.1.21 | 7/4/2023 | Support for Dell Display Manager 2.x | Drivers & Downloads |
| CVE-2023-32474 | Dell Display Manager | SW | Versions 2.1.1.17 and prior | 2.1.1.21 | 7/4/2023 | Support for Dell Display Manager 2.x | Drivers & Downloads |
Dell recommends all customers update at the earliest opportunity.
Go to the Drivers & Downloads site for updates on the applicable products.
Customers may use one of the Dell notification solutions to be notified and download driver, BIOS, and firmware updates automatically once available.
Go to the Drivers & Downloads site for updates on the applicable products.
Customers may use one of the Dell notification solutions to be notified and download driver, BIOS, and firmware updates automatically once available.
Tijdelijke oplossingen en risicobeperking
None.
Revisiegeschiedenis
| Revision | Date | Description |
|---|---|---|
| 1.0 | 2023-07-07 | Initial Release |
Bevestigingen
CVE-2023-32451, CVE-2023-32474: Dell Technologies would like to thank Marius Gabriel Mihai for reporting these issues.
Verwante informatie
Juridische verklaring van afstand
Getroffen producten
Dell Display Manager 2.xArtikeleigenschappen
Artikelnummer: 000215216
Artikeltype: Dell Security Advisory
Laatst aangepast: 07 jul. 2023
Vind antwoorden op uw vragen via andere Dell gebruikers
Support Services
Controleer of uw apparaat wordt gedekt door Support Services.