Incorrect default permissions vulnerability in Dell Digital Delivery versions prior to 3.5.2015

Overview :
Dell Digital Delivery versions prior to 3.5.2015 contain an incorrect default permissions vulnerability. A locally authenticated low-privileged malicious user could exploit this vulnerability to run an arbitrary executable with administrative privileges on the affected system.
Affected Product(s) :
Dell Digital Delivery versions prior to 3.5.2015

Alienware Digital Delivery versions prior to 3.5.2015

Vulnerability Details :
CVE ID :

CVE-2020-5342

Solution :

The following Dell/Alienware Digital Delivery releases contain a resolution to these vulnerabilities:

  • Dell Digital Delivery versions 3.5.2015 and later
  • Alienware Digital Delivery versions 3.5.2015 and later

Dell recommends all customers upgrade at the earliest opportunity.

Please visit the Dell Support Drivers and Downloads site for updates on the applicable products.

 

Common Vulnerabilityies and Exposures

Contact us to get started

CVE-2022-30049 : SSRF Vulnerability

Description A Server-Side Request Forgery (SSRF) in Rebuild v2.8.3 allows attackers to obtain the real IP address and scan Intranet

CVE-2022-24878 : Improper Path Handling In Kustomization Files Allows For Denial Of Service

Description The kustomize-controller enables the use of Kustomize’s functionality when applying Kubernetes declarative state onto a cluster. A malicious user

Latest Spring Vulnerabilities Exploitation – CVE-2022-22965

Latest Spring Vulnerabilities Exploitation – CVE-2022-22965

Are you having a Spring MVC or Spring WebFlux application running on JDK version 9 or higher? Then ensure that