Uncontrolled Search Path Vulnerability in Alienware Command Center Could Lead to System Compromise
CVE-2024-22450

7.8HIGH

Key Information:

Vendor: Dell
Status: Alienware Command Center (awcc)
Vendor: CVE Published:; 10 April 2024

Summary

The vulnerability allows local malicious users to exploit the uncontrolled search path element in Dell Alienware Command Center, versions prior to 6.2.7.0. By manipulating the file search path, an attacker may inject malicious files, potentially compromising the system's integrity. Prompt updates to the affected software are recommended to mitigate this risk.

Affected Version(s)

Alienware Command Center (AWCC) < 6.2.7.0

References

https://www.dell.com/support/kbdoc/en-us/000218222/dsa-20...

vendor-advisory

CVSS V3.1

Score:

7.8

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Apr 10, 2024
Vulnerability Reserved
Jan 10, 2024