DSA-2024-032: Security Update for Dell Digital Delivery for a Buffer Overflow Vulnerability
요약: Dell Digital Delivery remediation is available for a buffer overflow vulnerability that could be exploited by malicious users to compromise the affected system.
이 문서는 다음에 적용됩니다.
이 문서는 다음에 적용되지 않습니다.
영향
High
세부 정보
| Proprietary Code CVEs | Description | CVSS Base Score | CVSS Vector String |
|---|---|---|---|
| CVE-2024-0156 | Dell Digital Delivery, versions prior to 5.2.0.0, contain a Buffer Overflow Vulnerability. A local low privileged attacker could potentially exploit this vulnerability, leading to arbitrary code execution and/or privilege escalation. |
7.0 | CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H |
| Proprietary Code CVEs | Description | CVSS Base Score | CVSS Vector String |
|---|---|---|---|
| CVE-2024-0156 | Dell Digital Delivery, versions prior to 5.2.0.0, contain a Buffer Overflow Vulnerability. A local low privileged attacker could potentially exploit this vulnerability, leading to arbitrary code execution and/or privilege escalation. |
7.0 | CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H |
영향을 받는 제품 및 문제 해결
| CVEs Addressed | Product | Affected Versions | Remediated Versions | Release Date (MM/DDD/YYYY) | Link |
|---|---|---|---|---|---|
| CVE-2024-0156 | Dell Digital Delivery | Versions prior to 5.2.0.0 | Version 5.2.0.0 or later | 08/01/2024 | https://www.dell.com/support/kbdoc/en-us/000192053/how-to-download-and-install-dell-digital-delivery |
| CVEs Addressed | Product | Affected Versions | Remediated Versions | Release Date (MM/DDD/YYYY) | Link |
|---|---|---|---|---|---|
| CVE-2024-0156 | Dell Digital Delivery | Versions prior to 5.2.0.0 | Version 5.2.0.0 or later | 08/01/2024 | https://www.dell.com/support/kbdoc/en-us/000192053/how-to-download-and-install-dell-digital-delivery |
해결 방법 및 완화 방안
None
개정 내역
| Revision | Date | Description |
|---|---|---|
| 1.0 | 2024-03-01 | Initial Release |
| 2.0 | 2024-03-01 | Updated for enhanced presentation with no changes to content |
| 3.0 | 2024-08-20 | Updated Affected Products and Remediation section Updated CVE description to update version |
감사의 말
Dell Technologies would like to thank Yue Liu From TIANGONG Team of Legendsec at QI-ANXIN Group for reporting this issue.
관련 정보
법적 고지 사항
해당 제품
Utilities문서 속성
문서 번호: 000222536
문서 유형: Dell Security Advisory
마지막 수정 시간: 20 8월 2024
다른 Dell 사용자에게 질문에 대한 답변 찾기
지원 서비스
디바이스에 지원 서비스가 적용되는지 확인하십시오.