Arbitrary Folder Deletion Vulnerability in Dell Command | Monitor
CVE-2023-24573

7.1HIGH

Key Information:

Vendor: Dell
Status: Dell Command Monitor (DCM)
Vendor: CVE Published:; 10 February 2023

Summary

Dell Command | Monitor versions prior to 10.9 are susceptible to an arbitrary folder deletion vulnerability during the uninstallation process. This flaw can be exploited by a locally authenticated malicious user, allowing them to delete any folder on the system, potentially leading to data loss and system instability. Proper measures should be taken to ensure that software is updated to mitigate this risk.

Affected Version(s)

Dell Command Monitor (DCM) 0 < 10.9

References

https://www.dell.com/support/kbdoc/en-us/000207973/dsa-20...

vendor-advisory

CVSS V3.1

Score:

7.1

Severity:

HIGH

Confidentiality:

None

Integrity:

High

Availability:

None

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Feb 10, 2023
Vulnerability Reserved
Jan 26, 2023