DSA-2023-182: Dell Display Manager Security Update for Multiple Vulnerabilities
Summary: Dell Display Manager remediation is available for multiple vulnerabilities that may be exploited by malicious users to compromise the affected system.
Acest articol se aplică pentru
Acest articol nu se aplică pentru
Acest articol nu este legat de un produs specific.
Acest articol nu acoperă toate versiunile de produs existente.
Impact
High
Details
| Proprietary Code CVE(s) | Description | CVSS Base Score | CVSS Vector String |
|---|---|---|---|
| CVE-2023-32451 | Dell Display Manager application, version 2.1.1.17, contains a vulnerability that low privilege user can execute malicious code during installation and uninstallation. | 7.3 | CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H |
| CVE-2023-32474 | Dell Display Manager application, version 2.1.1.17 and prior, contain an insecure operation on windows junction/mount point. A local malicious user could potentially exploit this vulnerability during installation leading to arbitrary folder or file deletion | 6.6 | CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:H/A:H |
| Proprietary Code CVE(s) | Description | CVSS Base Score | CVSS Vector String |
|---|---|---|---|
| CVE-2023-32451 | Dell Display Manager application, version 2.1.1.17, contains a vulnerability that low privilege user can execute malicious code during installation and uninstallation. | 7.3 | CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H |
| CVE-2023-32474 | Dell Display Manager application, version 2.1.1.17 and prior, contain an insecure operation on windows junction/mount point. A local malicious user could potentially exploit this vulnerability during installation leading to arbitrary folder or file deletion | 6.6 | CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:H/A:H |
Produse afectate și măsuri de remediere
| CVEs Addressed | Product | Software/Firmware | Affected Versions | Remediated Versions | Release Date (MM-DD-YYY) / Expected Release | Link |
|---|---|---|---|---|---|---|
| CVE-2023-32451 | Dell Display Manager | SW | Version 2.1.1.17 | 2.1.1.21 | 7/4/2023 | Support for Dell Display Manager 2.x | Drivers & Downloads |
| CVE-2023-32474 | Dell Display Manager | SW | Versions 2.1.1.17 and prior | 2.1.1.21 | 7/4/2023 | Support for Dell Display Manager 2.x | Drivers & Downloads |
| CVEs Addressed | Product | Software/Firmware | Affected Versions | Remediated Versions | Release Date (MM-DD-YYY) / Expected Release | Link |
|---|---|---|---|---|---|---|
| CVE-2023-32451 | Dell Display Manager | SW | Version 2.1.1.17 | 2.1.1.21 | 7/4/2023 | Support for Dell Display Manager 2.x | Drivers & Downloads |
| CVE-2023-32474 | Dell Display Manager | SW | Versions 2.1.1.17 and prior | 2.1.1.21 | 7/4/2023 | Support for Dell Display Manager 2.x | Drivers & Downloads |
Dell recommends all customers update at the earliest opportunity.
Go to the Drivers & Downloads site for updates on the applicable products.
Customers may use one of the Dell notification solutions to be notified and download driver, BIOS, and firmware updates automatically once available.
Go to the Drivers & Downloads site for updates on the applicable products.
Customers may use one of the Dell notification solutions to be notified and download driver, BIOS, and firmware updates automatically once available.
Soluții alternative și strategii de atenuare
None.
Revision History
| Revision | Date | Description |
|---|---|---|
| 1.0 | 2023-07-07 | Initial Release |
Acknowledgements
CVE-2023-32451, CVE-2023-32474: Dell Technologies would like to thank Marius Gabriel Mihai for reporting these issues.
Related Information
Exonerare de răspundere
Produse afectate
Dell Display Manager 2.xProprietăți articol
Article Number: 000215216
Article Type: Dell Security Advisory
Ultima modificare: 07 Jul 2023
Găsiți răspunsuri la întrebările dvs. de la alți utilizatori Dell
Servicii de asistență
Verificați dacă dispozitivul dvs. este acoperit de serviciile de asistență.