DSA-2024-016: Security Update for Dell Alienware Command Center Vulnerabilities
Podsumowanie: Dell Alienware Command Center remediation is available for multiple security vulnerabilities that could be exploited by malicious users to compromise the affected system.
Ten artykuł dotyczy
Ten artykuł nie dotyczy
Ten artykuł nie jest powiązany z żadnym konkretnym produktem.
Nie wszystkie wersje produktu zostały zidentyfikowane w tym artykule.
Skutki
High
Szczegóły
| Third-Party Component | CVE(s) | More information |
|---|---|---|
| InstallShield 2023 R2 | CVE-2023-29081 | InstallShield Security Advisory |
| Proprietary Code CVEs | Description | CVSS Base Score | CVSS Vector String |
|---|---|---|---|
| CVE-2024-22450 |
Dell Alienware Command Center, versions prior to 6.2.7.0, contain an uncontrolled search path element vulnerability. A local malicious user could potentially inject malicious files in the file search path, leading to system compromise. |
7.4 |
|
| CVE-2024-0159 | Dell Alienware Command Center, versions 5.5.52.0 and prior, contain improper access control vulnerability, leading to Denial of Service on local system. | 6.7 | CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H |
| Proprietary Code CVEs | Description | CVSS Base Score | CVSS Vector String |
|---|---|---|---|
| CVE-2024-22450 |
Dell Alienware Command Center, versions prior to 6.2.7.0, contain an uncontrolled search path element vulnerability. A local malicious user could potentially inject malicious files in the file search path, leading to system compromise. |
7.4 |
|
| CVE-2024-0159 | Dell Alienware Command Center, versions 5.5.52.0 and prior, contain improper access control vulnerability, leading to Denial of Service on local system. | 6.7 | CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H |
Produkty, których dotyczy problem, i środki zaradcze
| CVEs Addressed | Product | Software/Firmware | Affected Versions | Remediated Versions | Link |
|---|---|---|---|---|---|
| CVE-2024-0159, CVE-2023-29081 | Alienware Command Center 5.x | Software | Versions prior to 5.6.1.0 | Version 5.6.1.0 | Alienware Command Center for Windows 11 and Windows 10 64-bit |
| CVE-2024-22450, CVE-2023-29081 | Alienware Command Center 6.x | Software | Versions prior to 6.2.7.0 | Version 6.2.7.0 | Alienware Command Center for Windows 11 and Windows 10 64-bit Alienware Command Center 6.x | Driver Details | Dell US Alienware Command Center 6.x - Full Installer | Driver Details | Dell US |
| CVEs Addressed | Product | Software/Firmware | Affected Versions | Remediated Versions | Link |
|---|---|---|---|---|---|
| CVE-2024-0159, CVE-2023-29081 | Alienware Command Center 5.x | Software | Versions prior to 5.6.1.0 | Version 5.6.1.0 | Alienware Command Center for Windows 11 and Windows 10 64-bit |
| CVE-2024-22450, CVE-2023-29081 | Alienware Command Center 6.x | Software | Versions prior to 6.2.7.0 | Version 6.2.7.0 | Alienware Command Center for Windows 11 and Windows 10 64-bit Alienware Command Center 6.x | Driver Details | Dell US Alienware Command Center 6.x - Full Installer | Driver Details | Dell US |
The Affected Products and Remediation table above may not be a comprehensive list of all affected supported versions and may be updated as more information becomes available.
Historia zmian
| Revision | Date | Description |
|---|---|---|
| 1.0 | 2024-03-12 | Initial Release |
| 2.0 | 2024-03-20 | Updated CVE Identifier, Proprietary Code, and Affected Products and Remediation section: Final platform update |
Podziękowania
CVE-2024-0159: Dell Technologies would like to thank Gee-netics for reporting this issue.
Powiązane informacje
Zastrzeżenie prawne
Produkty, których dotyczy problem
Alienware Command CenterWłaściwości artykułu
Numer artykułu: 000218222
Typ artykułu: Dell Security Advisory
Ostatnia modyfikacja: 18 lis 2024
Znajdź odpowiedzi na swoje pytania u innych użytkowników produktów Dell
Usługi pomocy technicznej
Sprawdź, czy Twoje urządzenie jest objęte usługą pomocy technicznej.