3 matches found
CVE-2023-39254
Dell Update Package (DUP) suffers an Uncontrolled Search Path vulnerability in versions prior to 4.9.10. A local attacker could potentially exploit this to execute arbitrary code with admin privileges. Affected product/component: Dell Update Package (DUP) framework. Root cause: uncontrolled searc...
CVE-2019-3726
CVE-2019-3726 describes an Uncontrolled Search Path vulnerability in the Dell Update Package (DUP) Framework. Affected are: DUP Framework file versions before 19.1.0.413 and 103.4.6.69 (Dell EMC Servers) and DUP Framework file versions before 3.8.3.67 (Dell Client Platforms). The flaw is limited ...
CVE-2025-22395
Dell Update Package Framework (DUPF) vulnerabilities affect versions prior to 22.01.02, with a Local Privilege Escalation that could allow a local, low-privilege attacker to execute arbitrary remote scripts on the server and potentially cause a denial of service. Root cause is local privilege esc...