Unquoted File Path Vulnerability in Dell GeoDrive Software
CVE-2022-33920
7.8HIGH
Summary
Dell GeoDrive before version 2.2 has a vulnerability related to unquoted file paths that can be exploited by low privilege attackers. If successfully exploited, this flaw could allow the execution of arbitrary code within the SYSTEM context, potentially leading to unauthorized access and control over the affected system. It is crucial for users to update their software to mitigate this risk. For further details, visit the official documentation from Dell.
Affected Version(s)
GeoDrive < 2.2
References
CVSS V3.1
Score:
7.8
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Local
Attack Complexity:
Low
Privileges Required:
Low
User Interaction:
None
Scope:
Unchanged
Timeline
Vulnerability published
Vulnerability Reserved