Os Recovery Tool Security Vulnerabilities and Issues — Os Recovery Tool CVE List

cve

CVE-2022-26865

Dell Support Assist OS Recovery versions before 5.5.2 contain an Authentication Bypass vulnerability. An unauthenticated attacker with physical access to the system may exploit this vulnerability by bypassing OS Recovery authentication in order to run arbitrary code on the system as Administrator.

6.8CVSS

6.8AI Score

0.001EPSS

2022-05-26 04:15 PM

43

4

cve

CVE-2023-28066

Dell OS Recovery Tool, versions 2.2.4013 and 2.3.7012.0, contain an Improper Access Control Vulnerability. A local authenticated non-administrator user could potentially exploit this vulnerability in order to elevate privileges on the system.

7.8CVSS

7.3AI Score

0.0004EPSS

2023-06-01 04:15 PM

25

cve

CVE-2023-39253

Dell OS Recovery Tool, versions 2.2.4013, 2.3.7012.0, and 2.3.7515.0 contain an Improper Access Control Vulnerability. A local authenticated non-administrator user could potentially exploit this vulnerability, leading to the elevation of privilege on the system.

7.8CVSS

7.5AI Score

0.0004EPSS

2023-11-23 07:15 AM

17

cve

CVE-2023-39259

Dell OS Recovery Tool, versions 2.2.4013, 2.3.7012.0, and 2.3.7515.0 contain an Improper Access Control Vulnerability. A local authenticated non-administrator user could potentially exploit this vulnerability, leading to the elevation of privilege on the system.

7.8CVSS

7.5AI Score

0.0004EPSS

2023-11-16 09:15 AM

16