CVE-2024-37142

Dell Peripheral Manager, versions prior to 1.7.6, contain an uncontrolled search path element vulnerability. An attacker could potentially exploit this vulnerability through preloading malicious DLL or symbolic link exploitation, leading to arbitrary code execution and escalation of privilege
References
Configurations

Configuration 1 (hide)

cpe:2.3:a:dell:peripheral_manager:*:*:*:*:*:*:*:*

History

08 Aug 2024, 21:17

Type Values Removed Values Added
CPE cpe:2.3:a:dell:peripheral_manager:*:*:*:*:*:*:*:*
References () https://www.dell.com/support/kbdoc/en-us/000225474/dsa-2024-242 - () https://www.dell.com/support/kbdoc/en-us/000225474/dsa-2024-242 - Vendor Advisory
CVSS v2 : unknown
v3 : 7.3
v2 : unknown
v3 : 7.8
First Time Dell peripheral Manager
Dell

31 Jul 2024, 12:57

Type Values Removed Values Added
Summary
  • (es) Dell Peripheral Manager, versiones anteriores a 1.7.6, contiene una vulnerabilidad de elemento de ruta de búsqueda no controlada. Un atacante podría explotar esta vulnerabilidad mediante la precarga de una DLL maliciosa o la explotación de enlaces simbólicos, lo que lleva a la ejecución de código arbitrario y la escalada de privilegios.

31 Jul 2024, 09:15

Type Values Removed Values Added
New CVE

Information

Published : 2024-07-31 09:15

Updated : 2024-08-08 21:17


NVD link : CVE-2024-37142

Mitre link : CVE-2024-37142

CVE.ORG link : CVE-2024-37142


JSON object : View

Products Affected

dell

  • peripheral_manager
CWE
CWE-427

Uncontrolled Search Path Element