3 matches found
CVE-2023-28079
CVE-2023-28079 concerns Dell’s PowerPath for Windows, affecting versions 7.0, 7.1 and 7.2. The root cause is improper management of file and folder permissions, enabling a non‑administrative user to escalate privileges and execute code with NT AUTHORITY\SYSTEM privileges. The vulnerability is loc...
CVE-2023-32448
Affected product: Dell PowerPath for Windows (versions 7.0–7.2). Vulnerability: License key is stored in cleartext in the installation directory, enabling a local user with access to retrieve the key and use it to license PowerPath on other systems. Impact: Local access may lead to unauthorized l...
CVE-2023-28080
PowerPath for Windows (Dell) versions 7.0, 7.1, and 7.2 contain DLL hijacking vulnerabilities that a local non-admin user can exploit to escalate privileges and execute code with NT AUTHORITY\SYSTEM privileges. The issue is documented across multiple feeds (NVD and vendor/national advisories) and...