CVSS: 7.1EPSS: 0%CPEs: 1EXPL: 0CVE-2023-28049
https://notcve.org/view.php?id=CVE-2023-28049
Dell Command | Monitor, versions prior to 10.9, contain an arbitrary folder deletion vulnerability. A locally authenticated malicious user may exploit this vulnerability in order to perform a privileged arbitrary file delete. Dell Command | Monitor, las versiones anteriores a la 10.9 contienen una vulnerabilidad de eliminación arbitraria de carpetas. Un usuario malintencionado autenticado localmente puede aprovechar esta vulnerabilidad para realizar una eliminación arbitraria de archivos con privilegios. • https://www.dell.com/support/kbdoc/en-us/000211748/dsa-2023-125-dell-command-monitor-dcm • CWE-267: Privilege Defined With Unsafe Actions CWE-269: Improper Privilege Management •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2023-44290
https://notcve.org/view.php?id=CVE-2023-44290
Dell Command | Monitor versions prior to 10.10.0, contain an improper access control vulnerability. A local malicious standard user could potentially exploit this vulnerability while repairing/changing installation, leading to privilege escalation. Dell Command | Monitor las versiones anteriores a la 10.10.0 contienen una vulnerabilidad de control de acceso inadecuado. Un usuario estándar malicioso local podría explotar esta vulnerabilidad mientras repara/cambia la instalación, lo que provocaría una escalada de privilegios. • https://www.dell.com/support/kbdoc/en-us/000218628/dsa-2023-390-security-update-for-dell-command-configure-and-dell-command-monitor-vulnerabilities • CWE-284: Improper Access Control •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2023-28068
https://notcve.org/view.php?id=CVE-2023-28068
Dell Command Monitor, versions 10.9 and prior, contains an improper folder permission vulnerability. A local authenticated malicious user can potentially exploit this vulnerability leading to privilege escalation by writing to a protected directory when Dell Command Monitor is installed to a non-default path • https://www.dell.com/support/kbdoc/en-us/000212226/dsa-2023-133 • CWE-732: Incorrect Permission Assignment for Critical Resource •
CVSS: 7.1EPSS: 0%CPEs: 1EXPL: 0CVE-2023-24573
https://notcve.org/view.php?id=CVE-2023-24573
Dell Command | Monitor versions prior to 10.9 contain an arbitrary folder delete vulnerability during uninstallation. A locally authenticated malicious user may potentially exploit this vulnerability leading to arbitrary folder deletion. • https://www.dell.com/support/kbdoc/en-us/000207973/dsa-2023-033 • CWE-264: Permissions, Privileges, and Access Controls •