DSA-2023-170: Dell Command | Update, Dell Update, and Alienware Update Security Update for an Insecure Operation on Windows Junction / Mount Point vulnerability
Summary: Dell Command | Update, Dell Update, and Alienware Update remediation is available for an Insecure Operation on Windows Junction / Mount Point vulnerability that could be exploited by malicious users to compromise the affected system. ...
Bu makale şunlar için geçerlidir:
Bu makale şunlar için geçerli değildir:
Bu makale, belirli bir ürüne bağlı değildir.
Bu makalede tüm ürün sürümleri tanımlanmamıştır.
Impact
Medium
Details
| Proprietary Code CVE(s) | Description | CVSS Base Score | CVSS Vector String |
| CVE-2023-28071 | Dell Command | Update, Dell Update, and Alienware Update versions 4.9.0, A01 and prior contain an Insecure Operation on Windows Junction / Mount Point vulnerability. A local malicious user could potentially exploit this vulnerability to create arbitrary folder leading to permanent Denial of Service (DOS). |
6.3 | CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:H |
| Proprietary Code CVE(s) | Description | CVSS Base Score | CVSS Vector String |
| CVE-2023-28071 | Dell Command | Update, Dell Update, and Alienware Update versions 4.9.0, A01 and prior contain an Insecure Operation on Windows Junction / Mount Point vulnerability. A local malicious user could potentially exploit this vulnerability to create arbitrary folder leading to permanent Denial of Service (DOS). |
6.3 | CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:H |
Etkilenen Ürünler ve Düzeltme
| Product | Software/Firmware | Affected Versions | Remediated Versions | Release Date (MM-DD-YYY) / Expected Release | Update link |
| Dell Command | Update | SW | 4.9.0, A01 and Prior | 4.9.0, A02 | 6/13/2023 | Universal Windows Platform version for Windows 10 32-bit and 64-bit https://www.dell.com/support/home/drivers/DriversDetails?driverId=J6PNP |
| Windows 32 and 64-bit version for Microsoft Windows 10 https://www.dell.com/support/home/drivers/DriversDetails?driverId=30F6M |
|||||
| Dell Update / Alienware Update |
SW | 4.9.0, A01 and Prior | 4.9.0, A02 | 6/13/2023 | Universal Windows Platform version for Windows 10 32-bit and 64-bit https://www.dell.com/support/home/en-us/drivers/DriversDetails?driverId=HF46K |
| Product | Software/Firmware | Affected Versions | Remediated Versions | Release Date (MM-DD-YYY) / Expected Release | Update link |
| Dell Command | Update | SW | 4.9.0, A01 and Prior | 4.9.0, A02 | 6/13/2023 | Universal Windows Platform version for Windows 10 32-bit and 64-bit https://www.dell.com/support/home/drivers/DriversDetails?driverId=J6PNP |
| Windows 32 and 64-bit version for Microsoft Windows 10 https://www.dell.com/support/home/drivers/DriversDetails?driverId=30F6M |
|||||
| Dell Update / Alienware Update |
SW | 4.9.0, A01 and Prior | 4.9.0, A02 | 6/13/2023 | Universal Windows Platform version for Windows 10 32-bit and 64-bit https://www.dell.com/support/home/en-us/drivers/DriversDetails?driverId=HF46K |
Revision History
| Revision | Date | Description |
| 1 | 2023-06-13 | Initial Release |
Acknowledgements
CVE-2023-28071: Dell Technologies would like to thank ycdxsb for reporting this issue.
Related Information
Yasal Uyarı
Etkilenen Ürünler
Alienware Update, Dell Command | Update, Dell UpdateMakale Özellikleri
Article Number: 000213546
Article Type: Dell Security Advisory
Son Değiştirme: 13 Haz 2023
Sorularınıza diğer Dell kullanıcılarından yanıtlar bulun
Destek Hizmetleri
Aygıtınızın Destek Hizmetleri kapsamında olup olmadığını kontrol edin.