CVE-2020-5343
First published: Mon May 04 2020(Updated: )
Dell Client platforms restored using a Dell OS recovery image downloaded before December 20, 2019, may contain an insecure inherited permissions vulnerability. A local authenticated malicious user with low privileges could exploit this vulnerability to gain unauthorized access on the root folder.
Credit: security_alert@emc.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Dell OS Recovery Tool | <2019-12-20 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the vulnerability ID for this Dell Client platforms vulnerability?
The vulnerability ID for this Dell Client platforms vulnerability is CVE-2020-5343.
What is the severity of CVE-2020-5343?
The severity of CVE-2020-5343 is high.
What is the affected software for CVE-2020-5343?
The affected software for CVE-2020-5343 is Dell OS Recovery Image for Microsoft Windows 10.
How can a local malicious user exploit CVE-2020-5343?
A local malicious user with low privileges can exploit CVE-2020-5343 to gain unauthorized access on the root folder.
Where can I find more information about CVE-2020-5343?
You can find more information about CVE-2020-5343 on the Dell support website: https://www.dell.com/support/article/SLN321036
- agent/type
- agent/weakness
- agent/softwarecombine
- agent/severity
- agent/remedy
- agent/references
- agent/author
- agent/description
- collector/mitre-cve
- source/MITRE
- agent/last-modified-date
- agent/first-publish-date
- agent/event
- agent/source
- agent/tags
- collector/nvd-index
- agent/software-canonical-lookup-request
- vendor/dell
- canonical/dell os recovery tool