Multiple DLL Hijacking Vulnerabilities in Dell GeoDrive
CVE-2022-33921

7HIGH

Key Information:

Vendor: Dell
Status: Geodrive
Vendor: CVE Published:; 22 September 2022

What is CVE-2022-33921?

Dell GeoDrive versions before 2.2 are susceptible to multiple DLL hijacking vulnerabilities. These vulnerabilities allow a low privilege attacker to potentially exploit the system, executing arbitrary code with SYSTEM level privileges. This could lead to significant compromises in system security and integrity if unaddressed. It's crucial for users to update to the latest version to mitigate these risks.

Affected Version(s)

GeoDrive < 2.2

References

https://www.dell.com/support/kbdoc/000203632

CVSS V3.1

Score:

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

High

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Sep 22, 2022
Vulnerability Reserved
Jun 17, 2022