Improper Access Control Vulnerability in Dell Common Event Enabler
CVE-2023-32477

7.8HIGH

Key Information:

Vendor: Dell
Status: Common Event Enabler
Vendor: CVE Published:; 29 September 2023

What is CVE-2023-32477?

The Dell Common Event Enabler, specifically version 8.9.8.2 for Windows and earlier releases, suffers from an improper access control vulnerability. A low-privileged local user could exploit this flaw to elevate their privileges, potentially compromising system integrity and allowing unauthorized access to sensitive functions and information. This vulnerability underscores the importance of maintaining strict access control measures and ensuring timely updates to safeguard against potential exploits.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

Common Event Enabler Windows CEE versions prior to CEE 8.9.9.0

References

https://www.dell.com/support/kbdoc/en-us/000218120/dsa-20...

vendor-advisory

CVSS V3.1

Score:

7.8

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Sep 29, 2023
Vulnerability Reserved
May 9, 2023

Credit

Dell would like to thank hamdi aka falconcorruption for reporting this issue

JSON

Dell

What is CVE-2023-32477?

Human OS v1.0: Ageing Is an Unpatched Zero-Day Vulnerability.

Affected Version(s)

References

CVSS V3.1

Timeline

Credit

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.