Dell · Dell Power Manager · CVE-2024-39576
**Name of the Vulnerable Software and Affected Versions**
Dell Power Manager versions 3.15.0 and prior
**Description**
The issue is related to an Incorrect Privilege Assignment vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to code execution and elevation of privileges. The vulnerability involves an insecure DCOM deserialization, allowing elevation to SYSTEM.
**Recommendations**
For versions 3.15.0 and prior, update to a version later than 3.15.0 to resolve the issue. As a temporary workaround, consider restricting local access to minimize the risk of exploitation.