PT-2023-21527 · Dell · Alienware Update+2
Marius Gabriel Mihai
·
Published
2023-06-23
·
Updated
2023-06-30
·
CVE-2023-28065
CVSS v3.1
7.3
High
| Vector | AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
Dell Command | Update, Dell Update, and Alienware Update versions 4.8.0 and prior
Description
The issue is related to an Insecure Operation on Windows Junction / Mount Point vulnerability. A local malicious user could potentially exploit this vulnerability, leading to privilege escalation.
Recommendations
For versions 4.8.0 and prior, update to a version later than 4.8.0 to resolve the issue. As a temporary workaround, consider restricting access to Windows Junction / Mount Point to minimize the risk of exploitation.
Fix
Insecure Operation on Windows Junction
Link Following
Found an issue in the description? Have something to add? Feel free to write us 👾
Related Identifiers
Affected Products
Alienware Update
Dell Command | Update
Dell Update