Insecure Operation Vulnerability in Dell Command | Update and Alienware Update Products
CVE-2023-23698

5.5MEDIUM

Key Information:

Vendor

Dell
Status
Dell Command Update (dcu)
Vendor
CVE Published:
10 February 2023

Badges

๐Ÿ“ฐ News Worthy

What is CVE-2023-23698?

Versions of Dell Command | Update, Dell Update, and Alienware Update prior to 4.6.0 and 4.7.1 are susceptible to an insecure operation vulnerability in their installer component. This flaw may allow a local attacker to manipulate file operations, potentially leading to unauthorized deletion of files on the system. Users of these products are advised to update to the specified versions to mitigate risks associated with this vulnerability.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

Dell Command Update (DCU) Versions 4.6.0 and 4.7.1

News Articles

favicon imageThe Cyber Express

Dell Releases Patch For Windows Vulnerability CVE-2023-23698

Vulnerability Alert: Dell has released a patch for a Windows vulnerability, which allows malicious local users to wreak havoc by deleting arbitrary files

References

https://www.dell.com/support/kbdoc/en-us/000208038/dsa-20...
vendor-advisory

CVSS V3.1

Score:
5.5
Severity:
MEDIUM
Confidentiality:
None
Integrity:
None
Availability:
None
Attack Vector:
Local
Attack Complexity:
Low
Privileges Required:
Low
User Interaction:
None
Scope:
Unchanged

Timeline

  • ๐Ÿ“ฐ

    First article discovered by The Cyber Express

  • Vulnerability published

  • Vulnerability Reserved

JSON
.