PT-2022-6316 · Dell · Dell Command Configure

Published 2022-06-23 · Updated 2023-07-21 · CVE-2022-34457

CVSS v3.1: 7.8 High

Vector: AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions

Dell Command Configure versions 4.8 and prior

Description

The issue is related to improper folder permission handling when Dell Command Configure is installed to a non-default, non-secured path. This can lead to privilege escalation, allowing a non-admin user to modify files within the installed directory and potentially make the application unavailable to all users.

Recommendations

For versions 4.8 and prior, consider restricting access to the installed directory to prevent non-admin users from modifying files until a fix is available. As a temporary workaround, ensure the application is installed to the default, secured path to minimize the risk of exploitation.
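
One way to check for the condition the recommendation describes, as an added example (not Dell's code and not part of the advisory): a PowerShell audit that lists allow ACEs granting write-type rights under the install directory to any principal outside a short trusted list. The path `D:\Apps\ExampleInstallDir` and the trusted-SID list are assumptions to adjust for the host being checked.

```powershell
# Added example. $InstallDir is a placeholder, not a path from the advisory.
$InstallDir = 'D:\Apps\ExampleInstallDir'

# Principals expected to hold write access to an application directory (assumed list).
$trusted = @(
    'S-1-5-18',      # NT AUTHORITY\SYSTEM
    'S-1-5-32-544',  # BUILTIN\Administrators
    'S-1-3-0',       # CREATOR OWNER (applies only to objects the principal created)
    'S-1-5-80-956008885-3418522649-1831038044-1853292631-2271478464'  # TrustedInstaller
)

# Specific rights that allow changing, replacing or deleting content.
$writeBits = [int][System.Security.AccessControl.FileSystemRights]'Write, Delete, DeleteSubdirectoriesAndFiles, ChangePermissions, TakeOwnership'
# GENERIC_ALL and GENERIC_WRITE can appear unmapped in inherit-only ACEs.
$genericBits = 0x10000000 -bor 0x40000000

$sidType = [System.Security.Principal.SecurityIdentifier]
$items = @(Get-Item -LiteralPath $InstallDir) +
         @(Get-ChildItem -LiteralPath $InstallDir -Recurse -Force)

# Only Allow ACEs are evaluated; Deny ACEs are not subtracted, so results err toward reporting.
$findings = foreach ($item in $items) {
    $isRoot = $item.FullName -eq $items[0].FullName
    $acl = Get-Acl -LiteralPath $item.FullName
    foreach ($ace in $acl.GetAccessRules($true, $true, $sidType)) {
        if ($ace.AccessControlType -ne 'Allow') { continue }
        if ($trusted -contains $ace.IdentityReference.Value) { continue }
        # Inherited ACEs on children repeat what the root entry already reports.
        if ($ace.IsInherited -and -not $isRoot) { continue }
        if (([int]$ace.FileSystemRights -band ($writeBits -bor $genericBits)) -eq 0) { continue }
        # Resolve the SID to a name for display; keep the SID if it cannot be resolved.
        $name = try {
            $ace.IdentityReference.Translate([System.Security.Principal.NTAccount]).Value
        } catch { $ace.IdentityReference.Value }
        [pscustomobject]@{
            Path      = $item.FullName
            Principal = $name
            Rights    = $ace.FileSystemRights
            Inherited = $ace.IsInherited
        }
    }
}

$findings | Format-Table -AutoSize -Wrap
if ($findings) { Write-Warning "Principals outside the trusted list can modify content under $InstallDir" }
```

An empty result means no principal outside the trusted list holds write-type access; any row for a group such as `BUILTIN\Users` or `NT AUTHORITY\Authenticated Users` is the permission the recommendation says to remove.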

Fix

Improper Access Control

Incorrect Permission

Weakness Enumeration

Related Identifiers

BDU:2023-00834
CVE-2022-34457

Affected Products

Dell Command Configure