65 matches found
PT-2023-21533 · Dell · Alienware Update +2
Name of the Vulnerable Software and Affected Versions: Dell Command | Update, Dell Update, and Alienware Update versions 4.9.0, A01 and prior Description: The issue is related to an Insecure Operation on Windows Junction / Mount Point, which could be exploited by a local malicious user to create...
Vulnerabilities of Dell Command | Update, Dell Update, and Alienware Update programs, which allow attackers to disclose protected information
The vulnerability of the Dell Command | Update, Dell Update, and Alienware Update programs involves exposing system data that is not authorized to be exposed in a controlled area. Exploiting this vulnerability can allow an intruder to expose protected information...
The vulnerability of the Dell Command | Update, Dell Update, and Alienware Update programs lies in their improper verification of the cryptographic signature, allowing a perpetrator to execute arbitrary code.
The vulnerability of the Dell Command | Update, Dell Update, and Alienware Update programs is related to improper verification of the cryptographic signature. Exploiting this vulnerability can allow an attacker to execute arbitrary code...
CVE-2022-34384
Dell SupportAssist Client Consumer version 3.11.1 and prior, SupportAssist Client Commercial version 3.2 and prior, Dell Command | Update, Dell Update, and Alienware Update versions before 4.5 contain a Local Privilege Escalation Vulnerability in the Advanced Driver Restore component. A local...
CVE-2023-23698
Dell Command | Update, Dell Update, and Alienware Update versions before 4.6.0 and 4.7.1 contain Insecure Operation on Windows Junction in the installer component. A local malicious user may potentially exploit this vulnerability leading to arbitrary file delete...
CVE-2023-23698
Dell Command | Update, Dell Update, and Alienware Update versions before 4.6.0 and 4.7.1 contain Insecure Operation on Windows Junction in the installer component. A local malicious user may potentially exploit this vulnerability leading to arbitrary file delete...
Design/Logic Flaw
Dell Command | Update, Dell Update, and Alienware Update versions before 4.6.0 and 4.7.1 contain Insecure Operation on Windows Junction in the installer component. A local malicious user may potentially exploit this vulnerability leading to arbitrary file delete...
CVE-2023-23698
Dell Command | Update, Dell Update, and Alienware Update versions before 4.6.0 and 4.7.1 contain Insecure Operation on Windows Junction in the installer component. A local malicious user may potentially exploit this vulnerability leading to arbitrary file delete...
CVE-2023-23698
Dell Command | Update, Dell Update, and Alienware Update versions before 4.6.0 and 4.7.1 contain Insecure Operation on Windows Junction in the installer component. A local malicious user may potentially exploit this vulnerability leading to arbitrary file delete...
CVE-2023-23698
Dell Command | Update, Dell Update, and Alienware Update prior to 4.6.0 and 4.7.1 are affected. The installer component performs an insecure operation on Windows Junction, allowing a local attacker to delete arbitrary files without user interaction. Impact: high for availability/integrity; exploi...
多款Dell产品 安全漏洞
Dell Command Update is a Dell USA Inc. tool for automating driver, BIOS and firmware updates in Dell products. A security vulnerability exists in Dell Command | Update, Dell Update, and Alienware Update versions prior to 4.6.0 and 4.7.1, which originates from the inclusion of an insecure action i...
CVE-2022-34458
Dell Command | Update, Dell Update, and Alienware Update versions prior to 4.7 contain a Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in download operation component. A local malicious user could potentially exploit this vulnerability leading to the...
CVE-2022-34459
Dell Command | Update, Dell Update, and Alienware Update versions prior to 4.7 contain a improper verification of cryptographic signature in get applicable driver component. A local malicious user could potentially exploit this vulnerability leading to malicious payload execution...
CVE-2022-34459
Dell Command | Update, Dell Update, and Alienware Update versions prior to 4.7 contain a improper verification of cryptographic signature in get applicable driver component. A local malicious user could potentially exploit this vulnerability leading to malicious payload execution...
CVE-2022-34459
Dell Command | Update, Dell Update, and Alienware Update versions prior to 4.7 contain a improper verification of cryptographic signature in get applicable driver component. A local malicious user could potentially exploit this vulnerability leading to malicious payload execution...
多款Dell产品 安全漏洞
Dell Command Update and Dell Update and Alienware Update are both products of Dell, Inc.Dell Command Update is a tool used to automatically update drivers, BIOS, and firmware in Dell products.Dell Update and Alienware Update is an update application. A security vulnerability exists in Dell...
多款Dell产品 数据伪造问题漏洞
Dell Command Update and Dell Update and Alienware Update are both products of Dell, Inc.Dell Command Update is a tool used to automatically update drivers, BIOS, and firmware in Dell products.Dell Update and Alienware Update is an update application. A security vulnerability exists in Dell...
PT-2022-6357 · Dell · Alienware Update +2
Name of the Vulnerable Software and Affected Versions: Dell Command | Update, Dell Update, and Alienware Update versions prior to 4.7 Description: The issue is related to an improper verification of cryptographic signature in the get applicable driver component. This could allow a local malicious...
PT-2022-6351 · Dell · Alienware Update +2
Name of the Vulnerable Software and Affected Versions: Dell Command | Update, Dell Update, and Alienware Update versions prior to 4.7 Description: The issue is related to the exposure of sensitive system information to an unauthorized control sphere. A local malicious user could potentially explo...
CVE-2022-34382
Dell Command Update, Dell Update and Alienware Update versions prior to 4.6.0 contains a Local Privilege Escalation Vulnerability in the custom catalog configuration. A local malicious user may potentially exploit this vulnerability in order to elevate their privileges...