Local Privilege Escalation Vulnerability in Dell Repository Manager Could Lead toOS Execution
CVE-2023-22576

7.8HIGH

Key Information:

Vendor: Dell
Status: Dell Repository Manager (drm)
Vendor: CVE Published:; 21 August 2024

What is CVE-2023-22576?

The local privilege escalation vulnerability in Dell Repository Manager, particularly present in version 3.4.2 and earlier, allows a low privileged attacker to exploit improper privilege management within the installation module. This exploitation could lead to the execution of arbitrary executables on the operating system with elevated privileges. Such unauthorized access may result in the potential disruption of service availability and compromise system integrity. It is crucial for users of affected versions to apply the necessary security updates to safeguard against this vulnerability.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

Dell Repository Manager (DRM) <= 3.4.2

References

https://www.dell.com/support/kbdoc/en-us/000207513/dsa-20...

vendor-advisory

CVSS V3.1

Score:

7.8

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Aug 21, 2024
Vulnerability Reserved
Jan 2, 2023

Credit

Dell would like to thank Marius Gabriel Mihai for reporting this issue.

JSON

Dell

What is CVE-2023-22576?

Human OS v1.0: Ageing Is an Unpatched Zero-Day Vulnerability.

Affected Version(s)

References

CVSS V3.1

Timeline

Credit

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.