What is the vulnerability ID of this Dell Command | Update and Alienware Update vulnerability?

The vulnerability ID is CVE-2023-28071.

What is the severity of CVE-2023-28071?

The severity of CVE-2023-28071 is high with a score of 7.1.

How can a local malicious user exploit CVE-2023-28071?

A local malicious user can potentially exploit CVE-2023-28071 to create arbitrary folders leading to permanent Denial of Service.

Where can I find more information about CVE-2023-28071?

You can find more information about CVE-2023-28071 on the Dell support website: https://www.dell.com/support/kbdoc/en-us/000213546/dsa-2023-170-dell-command-update

Vulnerability/
CVE-2023-28071

high

7.1

CWE

59 1386

23/6/2023

7/11/2024

CVE-2023-28071

First published: Fri Jun 23 2023(Updated: )

Dell Command | Update, Dell Update, and Alienware Update versions 4.9.0, A01 and prior contain an Insecure Operation on Windows Junction / Mount Point vulnerability. A local malicious user could potentially exploit this vulnerability to create arbitrary folder leading to permanent Denial of Service (DOS).

Credit: security_alert@emc.com

Affected Software	Affected Version	How to fix
Dell Alienware Update	<4.9.0
Dell Alienware Update	=4.9.0-a01
Dell Command Update	<4.9.0
Dell Command Update	=4.9.0-a01
Dell Update	<4.9.0
Dell Update	=4.9.0-a01
Microsoft Windows

Remedy

https://www.dell.com/support/kbdoc/en-us/000213546/dsa-2023-170-dell-command-update

Never miss a vulnerability like this again

Reference Links

https://www.dell.com/support/kbdoc/en-us/000213546/dsa-2023-170-dell-command-update

Frequently Asked Questions

What is the vulnerability ID of this Dell Command | Update and Alienware Update vulnerability?
The vulnerability ID is CVE-2023-28071.
What is the severity of CVE-2023-28071?
The severity of CVE-2023-28071 is high with a score of 7.1.
What software versions are affected by CVE-2023-28071?
Dell Command | Update, Dell Update, and Alienware Update versions 4.9.0 A01 and prior are affected by CVE-2023-28071.
How can a local malicious user exploit CVE-2023-28071?
A local malicious user can potentially exploit CVE-2023-28071 to create arbitrary folders leading to permanent Denial of Service.
Where can I find more information about CVE-2023-28071?
You can find more information about CVE-2023-28071 on the Dell support website: https://www.dell.com/support/kbdoc/en-us/000213546/dsa-2023-170-dell-command-update

collector/nvd-index
agent/weakness
agent/type
agent/severity
agent/references
agent/author
agent/description
agent/first-publish-date
agent/softwarecombine
agent/remedy
agent/last-modified-date
agent/event
agent/tags
collector/mitre-cve
source/MITRE
vendor/dell
canonical/dell alienware update
version/dell alienware update/4.9.0-a01
canonical/dell command update
version/dell command update/4.9.0-a01
canonical/dell update
version/dell update/4.9.0-a01
vendor/microsoft
canonical/microsoft windows

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co

By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.