Noureddine

**Name of the Vulnerable Software and Affected Versions** Dell AppSync version 4.6.0.x **Description** A low privileged attacker with local access could potentially exploit a Symbolic Link (Symlink) Following vulnerability, leading to information tampering. **Recommendations** For Dell AppSync version 4.6.0.x, consider restricting local access to minimize the risk of exploitation until a patch is available. As a temporary workaround, avoid using any functionality that may be affected by the Symlink Following vulnerability. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Dell Peripheral Manager versions prior to 1.7.6 **Description** The issue is related to an uncontrolled search path element in the Dell Peripheral Manager software. This could allow an attacker to potentially exploit the vulnerability through preloading malicious DLL or symbolic link exploitation, leading to arbitrary code execution and escalation of privilege. **Recommendations** For versions prior to 1.7.6, update to version 1.7.6 or later to resolve the issue. As a temporary workaround, consider restricting access to the vulnerable component to minimize the risk of exploitation. Avoid using potentially vulnerable functions or modules until the issue is resolved.