3 matches found
CVE-2024-25957
Dell Grab for Windows (5.0.4 and earlier) has a vulnerability in the appsync module where sensitive data is stored in plaintext, allowing an authenticated local attacker to disclose information that could grant access to the appsync application with elevated privileges. This is a locally exploita...
CVE-2024-25958
Dell Grab for Windows (up to 5.0.4) contains a Weak Application Folder Permissions vulnerability that can be exploited by a local authenticated attacker to achieve privilege escalation, access/modify application data, and potentially disrupt services. Root cause is improper folder permissions wit...
CVE-2024-25956
Dell Grab for Windows (Dell Grab) vulnerable in versions 5.0.4 and below due to improper file permissions. A locally authenticated attacker could potentially disclose certain system information. Root cause: incorrect/absent restrictive permissions on affected files. Impact is confidentiality risk...