Execution with Unnecessary Privileges in Dell NativeEdge

CVE-2024-47978

7.8HIGH

Key Information

Vendor: Dell
Status: Nativeedge
Vendor: CVE Published:; 25 December 2024

Summary

Dell NativeEdge version 2.1.0.0 has a vulnerability that permits local attackers with low privileges to potentially exploit the system. This flaw can lead to elevated privileges, giving unauthorized users increased access to sensitive operations within the system. It is crucial for users and administrators of Dell NativeEdge to stay informed about this vulnerability and take immediate actions as recommended by Dell's security advisory to safeguard their environments.

Affected Version(s)

NativeEdge < 2.1.0.0

References

https://www.dell.com/support/kbdoc/en-us/000258904/dsa-20...

vendor-advisory

CVSS V3.1

Score:

7.8

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Dec 25, 2024
Vulnerability Reserved
Oct 8, 2024

Collectors

NVD DatabaseMitre Database