Improper Verification Vulnerability in Dell Command Update and Alienware Update
CVE-2021-36277

7.8HIGH

Key Information:

Vendor: Dell
Status: Alienware Command Center (awcc)
Vendor: CVE Published:; 9 August 2021

What is CVE-2021-36277?

Versions of Dell Command | Update, Dell Update, and Alienware Update prior to 4.3 contain an improper verification of cryptographic signature flaw. A local authenticated user could exploit this vulnerability, potentially allowing them to execute arbitrary code on the affected system. This could lead to unauthorized access and manipulation of sensitive system resources.

Affected Version(s)

Alienware Command Center (AWCC) < 4.3

References

https://www.dell.com/support/kbdoc/000190110

x_refsource_MISC

CVSS V3.1

Score:

7.8

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Aug 9, 2021
Vulnerability Reserved
Jul 8, 2021