PT-2024-28536 · Dell · Dell Power Manager

Lefteris Panos · Published 2024-08-21 · Updated 2024-11-26 · CVE-2024-39576

CVSS v3.1: 8.8 (High)

Vector: AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions

Dell Power Manager versions 3.15.0 and prior

Description

The issue is an Incorrect Privilege Assignment vulnerability. A low-privileged attacker with local access could potentially exploit this vulnerability, leading to code execution and elevation of privileges. The vulnerability involves insecure DCOM deserialization, allowing elevation to SYSTEM.

Recommendations

For versions 3.15.0 and prior, update to a version later than 3.15.0 to resolve the issue. As a temporary workaround, consider restricting local access to minimize the risk of exploitation.

Fix

Weakness Enumeration: Incorrect Privilege Assignment

Related Identifiers: CVE-2024-39576

Affected Products: Dell Power Manager