PT-2024-1643 · Dell · Dell Display Manager
Marius Gabriel Mihai · Published 2024-02-06 · Updated 2024-02-12 · CVE-2023-32474
CVSS v3.1: 6.6 (Medium)
Vector: AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:H/A:H
Name of the Vulnerable Software and Affected Versions
Dell Display Manager versions 2.1.1.17 and prior
Description
The Dell Display Manager application performs an insecure operation on Windows junction/mount points. A local malicious user could potentially exploit this during installation, leading to arbitrary folder or file deletion. The underlying weakness is incorrect link resolution before accessing a file (link following).
Recommendations
For versions 2.1.1.17 and prior, consider restricting access to the Dell Display Manager application during installation to minimize the risk of exploitation. As a temporary workaround, avoid using the application until a patch is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.
Insecure Operation on Windows Junction
Link Following
Related Identifiers
Affected Products
Dell Display Manager