DSA-2024-439: Security Update for Dell Power Manager for an Improper Access Control Vulnerability
Summary: Dell Power Manager remediation is available for an Improper Access Control Vulnerability that could be exploited by malicious users to compromise the affected system.
Impact
High
Details
| Proprietary Code CVEs |
Description |
CVSS Base Score |
CVSS Vector String |
| CVE-2024-49600 |
Dell Power Manager (DPM), versions prior to 3.17, contain an improper access control vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Code execution and Elevation of Privileges. |
7.8 |
| Proprietary Code CVEs |
Description |
CVSS Base Score |
CVSS Vector String |
| CVE-2024-49600 |
Dell Power Manager (DPM), versions prior to 3.17, contain an improper access control vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Code execution and Elevation of Privileges. |
7.8 |
Produse afectate și măsuri de remediere
| Product |
Software/Firmware |
Affected Versions |
Remediated Versions |
Release Date |
Link |
| Dell Power Manager |
Software |
Versions prior to 3.17 |
Versions 3.17 or later | 12/5/2024 |
| Product |
Software/Firmware |
Affected Versions |
Remediated Versions |
Release Date |
Link |
| Dell Power Manager |
Software |
Versions prior to 3.17 |
Versions 3.17 or later | 12/5/2024 |
Soluții alternative și strategii de atenuare
None
Revision History
|
Revision |
Date |
Description |
|
1.0 |
2024-12-05 |
Initial Release |
Acknowledgements
CVE-2024-49600: Dell Technologies would like to thank TsungShu Chiu (CHT Security) for reporting this issue.