Johannes Hatting

**Name of the Vulnerable Software and Affected Versions** Dell Alienware Command Center versions 5.5.37.0 and prior **Description** The issue is related to improper input validation. A local authenticated malicious user could potentially send malicious input to a named pipe in order to elevate privileges on the system. **Recommendations** For versions 5.5.37.0 and prior, consider restricting access to the named pipe until a patch is available. As a temporary workaround, limit the privileges of users who have access to the system to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Dell Command | Integration Suite for System Center versions prior to 6.2.0 **Description** The issue allows a locally authenticated malicious user to potentially perform an arbitrary file write as system, due to an arbitrary file write vulnerability. **Recommendations** For versions prior to 6.2.0, update to version 6.2.0 or later to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** Atlassian Companion App versions prior to 1.0.0 **Description** The issue concerns a untrusted search path vulnerability in the file editing functionality of the Atlassian Companion App. This vulnerability allows local attackers to have the app run a different executable in place of the app's cmd.exe. **Recommendations** For versions prior to 1.0.0, update to version 1.0.0 or later to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** Atlassian Companion App versions prior to 1.0.0 **Description** The issue concerns the file downloading functionality in the Atlassian Companion App, which allows remote attackers who control a connected Confluence Server instance to execute arbitrary .exe files. This is due to a Protection Mechanism Failure. **Recommendations** For versions prior to 1.0.0, update to version 1.0.0 or later to resolve the issue.