Medium
Proprietary Code CVE(s) | Description | CVSS Base Score | CVSS Vector String |
CVE-2023-28065 | Dell Command | Update, Dell Update, and Alienware Update versions 4.8.0 and prior contain an Insecure Operation on Windows Junction / Mount Point vulnerability. A local malicious user could potentially exploit this vulnerability leading to privilege escalation. | 6.7 | CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H |
Proprietary Code CVE(s) | Description | CVSS Base Score | CVSS Vector String |
CVE-2023-28065 | Dell Command | Update, Dell Update, and Alienware Update versions 4.8.0 and prior contain an Insecure Operation on Windows Junction / Mount Point vulnerability. A local malicious user could potentially exploit this vulnerability leading to privilege escalation. | 6.7 | CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H |
Product | Affected Version(s) | Updated Version(s) | Link to Update |
Dell Command | Update |
4.8.0 and prior |
4.9.0 |
Universal Windows Platform version for Windows 10 32-bit and 64-bit Dell Command | Update Application for Windows 10 | Driver Details | Dell US Windows 32 and 64-bit versions for Microsoft Windows 10 Dell Command | Update Application | Driver Details | Dell US |
Dell Update / Alienware Update |
4.8.0 and prior |
4.9.0 |
Universal Windows Platform version for Windows 10 32-bit and 64-bit Dell Update/Alienware Update Application for Windows 10 | Driver Details | Dell US |
Product | Affected Version(s) | Updated Version(s) | Link to Update |
Dell Command | Update |
4.8.0 and prior |
4.9.0 |
Universal Windows Platform version for Windows 10 32-bit and 64-bit Dell Command | Update Application for Windows 10 | Driver Details | Dell US Windows 32 and 64-bit versions for Microsoft Windows 10 Dell Command | Update Application | Driver Details | Dell US |
Dell Update / Alienware Update |
4.8.0 and prior |
4.9.0 |
Universal Windows Platform version for Windows 10 32-bit and 64-bit Dell Update/Alienware Update Application for Windows 10 | Driver Details | Dell US |
None.
Revision | Date | Description |
1.0 | 2023-05-09 | Initial Release |
CVE-2023-28065: Dell Technologies would like to thank Marius Gabriel Mihai for reporting this issue.