CVE-2023-32479

Name of the Vulnerable Software and Affected Versions Dell Encryption versions prior to 11.9.0 Dell Endpoint Security Suite Enterprise versions prior to 11.9.0 Dell Security Management Server versions prior to 11.9.0

Description The issue is related to a privilege escalation vulnerability due to improper Access Control List (ACL) settings in the non-default installation directory. A local malicious user could potentially exploit this vulnerability by replacing binaries in the installed directory, leading to privilege escalation. This could allow an attacker to gain elevated privileges on the system.

Recommendations For Dell Encryption versions prior to 11.9.0, update to version 11.9.0 or later to resolve the issue. For Dell Endpoint Security Suite Enterprise versions prior to 11.9.0, update to version 11.9.0 or later to resolve the issue. For Dell Security Management Server versions prior to 11.9.0, update to version 11.9.0 or later to resolve the issue. As a temporary workaround, consider restricting access to the non-default installation directory to minimize the risk of exploitation.