Dell Display Manager vulnerability allows low-privilege users to execute malicious code
CVE-2023-32451

7.3HIGH

Key Information:

Vendor: Dell
Status: Dell Display Manager
Vendor: CVE Published:; 6 February 2024

Summary

The Dell Display Manager application, specifically version 2.1.1.17, contains a vulnerability that can be exploited by low privilege users. This issue allows for the execution of malicious code during both the installation and uninstallation processes of the application. Such vulnerabilities can lead to significant security breaches if not addressed promptly, as they enable unauthorized access and manipulation of the system by an attacker.

Affected Version(s)

Dell Display Manager 2.1.1.17

References

https://www.dell.com/support/kbdoc/en-us/000215216/dsa-20...

vendor-advisory

CVSS V3.1

Score:

7.3

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

Required

Scope:

Unchanged

Timeline

Vulnerability published
Feb 6, 2024
Vulnerability Reserved
May 9, 2023

Credit

Marius Gabriel Mihai