PT-2023-26846 · Dell+1 · Dell Encryption+3
Published
2023-11-16
·
Updated
2023-11-29
·
CVE-2023-39246
CVSS v3.1
7.3
High
| Vector | AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
Dell Encryption versions prior to 11.8.1
Dell Endpoint Security Suite Enterprise versions prior to 11.8.1
Dell Security Management Server versions prior to 11.8.1
Description
The issue is related to an Insecure Operation on Windows Junction Vulnerability that occurs during installation. A local malicious user could potentially exploit this to create an arbitrary folder inside a restricted directory, leading to Privilege Escalation.
Recommendations
For Dell Encryption versions prior to 11.8.1, update to version 11.8.1 or later.
For Dell Endpoint Security Suite Enterprise versions prior to 11.8.1, update to version 11.8.1 or later.
For Dell Security Management Server versions prior to 11.8.1, update to version 11.8.1 or later.
Fix
Link Following
Found an issue in the description? Have something to add? Feel free to write us 👾
Related Identifiers
Affected Products
Dell Encryption
Dell Endpoint Security Suite Enterprise
Dell Security Management Server
Windows