Lucene search
K
DellUpdate Package Framework

5 matches found

CVE
CVE
added 2024/03/01 12:43 p.m.79 views

CVE-2023-39254

Dell Update Package (DUP) suffers an Uncontrolled Search Path vulnerability in versions prior to 4.9.10. A local attacker could potentially exploit this to execute arbitrary code with admin privileges. Affected product/component: Dell Update Package (DUP) framework. Root cause: uncontrolled searc...

7.3CVSS6.6AI score0.00171EPSS
CVE
CVE
added 2019/09/24 3:31 p.m.67 views

CVE-2019-3726

CVE-2019-3726 describes an Uncontrolled Search Path vulnerability in the Dell Update Package (DUP) Framework. Affected are: DUP Framework file versions before 19.1.0.413 and 103.4.6.69 (Dell EMC Servers) and DUP Framework file versions before 3.8.3.67 (Dell Client Platforms). The flaw is limited ...

6.7CVSS6.7AI score0.00463EPSS
CVE
CVE
added 2025/01/07 2:52 a.m.61 views

CVE-2025-22395

Dell Update Package Framework (DUPF) vulnerabilities affect versions prior to 22.01.02, with a Local Privilege Escalation that could allow a local, low-privilege attacker to execute arbitrary remote scripts on the server and potentially cause a denial of service. Root cause is local privilege esc...

8.2CVSS7AI score0.00194EPSS
CVE
CVE
added 2024/02/06 8:0 a.m.48 views

CVE-2023-32454

Dell DUP Framework ≤ 4.9.4.36 is affected by an insecure operation on Windows junction/Mount point vulnerability. A local malicious standard user could exploit this to create arbitrary files, potentially causing denial of service. Affected product: Dell Update Package Framework. Root cause: insec...

7.1CVSS6.8AI score0.00168EPSS
CVE
CVE
added 2026/02/12 2:5 a.m.20 views

CVE-2026-23857

Dell Update Package (DUP) Framework versions 23.12.00–24.12.00 contain an Improper Handling of Insufficient Permissions or Privileges vulnerability that could allow a low-privileged, local attacker to achieve Elevation of Privilege. The CVE entry notes a high impact on confidentiality, integrity,...

8.2CVSS5.4AI score0.00092EPSS