High
Proprietary Code CVEs | Description | CVSS Base Score | CVSS Vector String |
CVE-2022-34459 | Dell Command | Update, Dell Update, and Alienware Update versions before 4.7 contain an Improper Verification of Cryptographic Signature vulnerability. A local malicious user could potentially exploit this vulnerability leading to malicious payload execution. | 7.8 | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |
CVE-2022-34458 | Dell Command | Update, Dell Update, and Alienware Update versions before 4.7 contain an Exposure of Sensitive System Information to an unauthorized user vulnerability. A local malicious user could potentially exploit this vulnerability leading to the disclosure of confidential data. | 6.6 | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:L |
Proprietary Code CVEs | Description | CVSS Base Score | CVSS Vector String |
CVE-2022-34459 | Dell Command | Update, Dell Update, and Alienware Update versions before 4.7 contain an Improper Verification of Cryptographic Signature vulnerability. A local malicious user could potentially exploit this vulnerability leading to malicious payload execution. | 7.8 | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |
CVE-2022-34458 | Dell Command | Update, Dell Update, and Alienware Update versions before 4.7 contain an Exposure of Sensitive System Information to an unauthorized user vulnerability. A local malicious user could potentially exploit this vulnerability leading to the disclosure of confidential data. | 6.6 | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:L |
Product | Affected Versions | Updated Versions | Link to Update |
Dell Command | Update |
Versions before 4.7.1 |
4.7.1 |
Universal Windows Platform version for Windows 10 32-bit and 64-bit Dell Command | Update Application for Windows 10 | Driver Details | Dell US |
Dell Update / Alienware Update |
Versions before 4.7.1 |
4.7.1 |
Universal Windows Platform version for Windows 10 32-bit and 64-bit Dell Update/Alienware Update Application for Windows 10 | Driver Details | Dell US |
Product | Affected Versions | Updated Versions | Link to Update |
Dell Command | Update |
Versions before 4.7.1 |
4.7.1 |
Universal Windows Platform version for Windows 10 32-bit and 64-bit Dell Command | Update Application for Windows 10 | Driver Details | Dell US |
Dell Update / Alienware Update |
Versions before 4.7.1 |
4.7.1 |
Universal Windows Platform version for Windows 10 32-bit and 64-bit Dell Update/Alienware Update Application for Windows 10 | Driver Details | Dell US |
Revision | Date | Description |
1.0 | 2022-11-14 | Initial Release |
20. | 2022-12-08 | Updated Affected Products and Remediation section: Affected Version, Updated Version, and Link to Update |
CVE-2022-34458: Dell would like to thank Alexander Pudwill for reporting this issue.