PT-2018-10285 · Dell · Dell Digital Delivery

Published

2018-10-02

Updated

2020-08-24

CVE-2018-11072

CVSS v3.1

7.8

High

Vector

AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions Dell Digital Delivery versions prior to 3.5.1

Description The issue allows a local authenticated malicious user with advanced knowledge of the application workflow to potentially load and execute a malicious DLL with administrator privileges.

Recommendations For versions prior to 3.5.1, update to version 3.5.1 or later to resolve the issue.

Fix

Uncontrolled Search Path Element

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-427

Related Identifiers

CVE-2018-11072

Affected Products

Dell Digital Delivery

PT-2018-10285 · Dell · Dell Digital Delivery

CVE-2018-11072

Weakness Enumeration

Related Identifiers

Affected Products

References · 3