Insecure File and Folder Permissions Vulnerability in Dell GeoDrive
CVE-2022-33922

7HIGH

Key Information:

Vendor: Dell
Status: Geodrive
Vendor: CVE Published:; 12 October 2022

Summary

Dell GeoDrive, prior to version 2.2, is susceptible to vulnerabilities related to insecure file and folder permissions. This allows attackers with low privileges to potentially exploit the flaw, enabling them to execute arbitrary code within the SYSTEM security context. Users are strongly advised to upgrade to the latest version to mitigate these risks and enhance security.

Affected Version(s)

GeoDrive < 2.2

References

https://www.dell.com/support/kbdoc/000203632

CVSS V3.1

Score:

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

High

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Oct 12, 2022
Vulnerability Reserved
Jun 17, 2022