Command Update@* Security Vulnerabilities and Issues — Command Update@* CVE List

DellCommand Update*

9 matches found

CVE•added 2022/09/02 5:30 p.m.•62 views

CVE-2022-34382

Dell CVE-2022-34382 affects Dell Command Update, Dell Update and Alienware Update up to version 4.6.0. The flaw is a Local Privilege Escalation in the custom catalog configuration that could allow a local attacker to elevate privileges. Public sources corroborate the affected software and state t...

7.8CVSS7.5AI score0.0005EPSS

CVE•added 2023/02/01 4:28 a.m.•62 views

CVE-2022-34459

CVE-2022-34459 concerns three Dell update products: Dell Command | Update, Dell Update, and Alienware Update, all versions prior to 4.7 . The flaw is an improper verification of cryptographic signatures in the function Get Applicable Driver Component, enabling a local attacker to potentially exec...

7.8CVSS7.4AI score0.0003EPSS

CVE•added 2019/12/03 8:20 p.m.•61 views

CVE-2019-3750

CVE-2019-3750 affects Dell Command Update versions prior to 3.1. The issue arises from insecure handling of Temp permissions, enabling a locally authenticated, low-privilege attacker to delete arbitrary files by creating a symlink from Temp\IC\ICDebugLog.txt to a target file. Impact: arbitrary fi...

5.6CVSS5.4AI score0.00049EPSS

CVE•added 2019/12/03 8:20 p.m.•55 views

CVE-2019-3749

Dell Command Update (pre-3.1) is affected by an Arbitrary File Deletion vulnerability. A local authenticated attacker can delete arbitrary files by exploiting a symlink from Temp\ICProgress\Dell_InventoryCollector_Progress.xml to a target file, due to incorrect permissions on the Temp directory. ...

5.6CVSS5.4AI score0.00049EPSS

CVE•added 2023/02/10 8:3 p.m.•55 views

CVE-2022-34384

Dell SupportAssist Client (Consumer 3.11.1 and earlier) and SupportAssist Client Commercial (3.2 and earlier), Dell Command | Update, Dell Update, and Alienware Update (before 4.5) contain a Local Privilege Escalation vulnerability in the Advanced Driver Restore component. A local attacker could ...

7.8CVSS7.5AI score0.00104EPSS

CVE•added 2023/02/01 4:34 a.m.•46 views

CVE-2022-34458

The CVE-2022-34458 entry covers Dell Command | Update, Dell Update, and Alienware Update (

6.6CVSS5.3AI score0.00064EPSS

CVE•added 2023/06/23 11:4 a.m.•43 views

CVE-2023-28065

Dell Command | Update, Dell Update, and Alienware Update (Windows) have versions 4.8.0 and earlier affected by an Insecure Operation on Windows Junction / Mount Point vulnerability. The root cause is an insecure operation involving Windows junctions/mount points, allowing a local attacker to esca...

7.3CVSS7.1AI score0.00069EPSS

CVE•added 2023/06/23 10:37 a.m.•40 views

CVE-2023-28071

Dell Command | Update, Dell Update, and Alienware Update versions 4.9.0, A01 and prior contain an Insecure Operation on Windows Junction / Mount Point that could allow a local attacker to create arbitrary folders, leading to permanent Denial of Service. Exploitation is described as local, with no...

7.1CVSS6.9AI score0.00054EPSS

CVE•added 2024/08/06 3:59 a.m.•40 views

CVE-2024-28962

Dell Command | Update, Dell Update, and Alienware Update UWP are affected by an Exposed Dangerous Method or Function vulnerability in versions prior to 5.4, enabling unauthenticated remote DoS. The issue is documented across CVE-2024-28962/NVD and ancillary sources with no exploit details provide...

7.5CVSS7.2AI score0.00219EPSS