9 matches found
CVE-2023-32479
CVE-2023-32479 affects Dell Encryption, Dell Endpoint Security Suite Enterprise, and Dell Security Management Server (all versions prior to 11.9.0). Root cause: improper ACLs in the non-default installation directory allow a local attacker to replace binaries and escalate privileges (e.g., obtain...
CVE-2018-15766
Dell Encryption (versions before 10.0.1) and Dell Endpoint Security Suite Enterprise (before 2.0.1) are affected by a vulnerability where, during installation of the Encryption Management Agent (EMAgent), the Minimum Password Length GPO is overwritten to 1. This allows bypassing the password-leng...
CVE-2023-39246
Dell Encryption, Dell Endpoint Security Suite Enterprise, and Dell Security Management Server are affected by CVE-2023-39246 due to an Insecure Operation on Windows Junction during installation. The issue allows a local attacker with low privileges and no user interaction to create an arbitrary f...
CVE-2025-36564
Dell Encryption Admin Utilities (Dell) versions prior to 11.10.2 are affected by an Improper Link Resolution vulnerability that can be exploited locally by a user with low privileges to achieve privilege escalation. The root cause is an incorrect link resolution in the utility. The issue is docum...
CVE-2019-3745
The CVE-2019-3745 issue affects Dell Encryption Enterprise prior to 10.4.0 and Dell Endpoint Security Suite Enterprise prior to 2.4.0. It is exploitable only during product installation by an administrator. A local authenticated low-privilege user could stage a malicious DLL in the installer's se...
CVE-2020-5385
Dell Encryption versions prior to 10.8 and Dell Endpoint Security Suite versions prior to 2.8 contain a local privilege-escalation vulnerability stemming from an incomplete fix for CVE-2020-5358 (incorrect permissions). A local attacker with low privileges could elevate privileges via a symbolic ...
CVE-2025-36611
Dell Encryption and Dell Security Management Server contain an Improper Link Resolution Before File Access ("Link Following") vulnerability affecting versions prior to 11.11.0. A local attacker could potentially escalate privileges by abusing link resolution behavior. The issue is fixed in versio...
CVE-2025-46636
Dell Encryption (versions prior to 11.12.1) is affected by an Improper Link Resolution Before File Access ("Link Following") vulnerability. A low-privilege, local attacker could exploit this to tamper with information. The issue is documented across multiple sources (NVD, Red Hat, CVE lists) with...
CVE-2025-46637
Dell Encryption (pre-11.12.1) contains an Improper Link Resolution Before File Access (Link Following) vulnerability that could allow a local attacker to achieve Elevation of Privileges. Affected component: Dell Encryption software; vulnerable version range: prior to 11.12.1. Exploit details are ...