Article Number: 000225474
High
Proprietary Code CVEs |
Description | CVSS Base Score | CVSS Vector String |
---|---|---|---|
CVE-2024-37127 | Dell Peripheral Manager, versions prior to 1.7.6, contain an uncontrolled search path element vulnerability. An attacker could potentially exploit this vulnerability through preloading malicious DLL or symbolic link exploitation, leading to arbitrary code execution and escalation of privilege | 7.8 |
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |
CVE-2024-37142 | Dell Peripheral Manager, versions prior to 1.7.6, contain an uncontrolled search path element vulnerability. An attacker could potentially exploit this vulnerability through preloading malicious DLL or symbolic link exploitation, leading to arbitrary code execution and escalation of privilege | 7.3 |
CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H |
CVE-2024-32857 | Dell Peripheral Manager, versions prior to 1.7.6, contain an uncontrolled search path element vulnerability. An attacker could potentially exploit this vulnerability through preloading malicious DLL or symbolic link exploitation, leading to arbitrary code execution and escalation of privilege | 7.3 |
CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H |
Proprietary Code CVEs |
Description | CVSS Base Score | CVSS Vector String |
---|---|---|---|
CVE-2024-37127 | Dell Peripheral Manager, versions prior to 1.7.6, contain an uncontrolled search path element vulnerability. An attacker could potentially exploit this vulnerability through preloading malicious DLL or symbolic link exploitation, leading to arbitrary code execution and escalation of privilege | 7.8 |
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |
CVE-2024-37142 | Dell Peripheral Manager, versions prior to 1.7.6, contain an uncontrolled search path element vulnerability. An attacker could potentially exploit this vulnerability through preloading malicious DLL or symbolic link exploitation, leading to arbitrary code execution and escalation of privilege | 7.3 |
CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H |
CVE-2024-32857 | Dell Peripheral Manager, versions prior to 1.7.6, contain an uncontrolled search path element vulnerability. An attacker could potentially exploit this vulnerability through preloading malicious DLL or symbolic link exploitation, leading to arbitrary code execution and escalation of privilege | 7.3 |
CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H |
CVEs Addressed | Product | Software/Firmware | Affected Versions | Remediated Versions | Release Date | Link |
---|---|---|---|---|---|---|
CVE-2024-37127, CVE-2024-37142, CVE-2024-32857 | Dell Peripheral Manager | Software | Versions prior to 1.7.6 | Versions 1.7.6 or later | 07/30/2024 | Support for Dell Peripheral Manager | Drivers & Downloads | Dell US |
CVEs Addressed | Product | Software/Firmware | Affected Versions | Remediated Versions | Release Date | Link |
---|---|---|---|---|---|---|
CVE-2024-37127, CVE-2024-37142, CVE-2024-32857 | Dell Peripheral Manager | Software | Versions prior to 1.7.6 | Versions 1.7.6 or later | 07/30/2024 | Support for Dell Peripheral Manager | Drivers & Downloads | Dell US |
None
CVE-2024-37127, CVE-2024-37142, CVE-2024-32857: Dell Technologies would like to thank Ouallaout Noureddine for reporting these issues
Revision | Date | Description |
1.0 | 2024-07-30 | Initial Release |
Dell Peripheral Manager
30 Jul 2024
Dell Security Advisory