Arbitrary File Deletion Vulnerability in Dell Display Manager
CVE-2023-28046

7.1HIGH

Key Information:

Vendor: Dell
Status: Dell Display Manager
Vendor: CVE Published:; 6 April 2023

Summary

Dell Display Manager, in versions 2.1.0 and earlier, has a vulnerability that allows a local low privilege attacker to exploit an arbitrary file or folder deletion during the uninstallation process. This potential exploit could enable unauthorized removal of files from the operating system, which could compromise system integrity and availability.

Affected Version(s)

Dell Display Manager 2.1.0 and prior

References

https://www.dell.com/support/kbdoc/en-us/000211727/dsa-2023

vendor-advisory

CVSS V3.1

Score:

7.1

Severity:

HIGH

Confidentiality:

None

Integrity:

High

Availability:

None

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Apr 6, 2023
Vulnerability Reserved
Mar 10, 2023