CVE-2023-3039
https://notcve.org/view.php?id=CVE-2023-3039
SD ROM Utility, versions prior to 1.0.2.0 contain an Improper Access Control vulnerability. A low-privileged malicious user may potentially exploit this vulnerability to perform arbitrary code execution with limited access. SD ROM Utility, versiones anteriores a 1.0.2.0 contienen una vulnerabilidad de Control de Acceso Incorrecto. Un usuario malicioso con pocos privilegios podría aprovechar esta vulnerabilidad para realizar la ejecución de código arbitrario con acceso limitado. • https://www.dell.com/support/kbdoc/en-us/000216282/dsa-2023-274 • CWE-284: Improper Access Control •
CVE-2023-32470
https://notcve.org/view.php?id=CVE-2023-32470
Dell Digital Delivery versions prior to 5.0.82.0 contain an Insecure Operation on Windows Junction / Mount Point vulnerability. A local malicious user could potentially exploit this vulnerability to create arbitrary folder leading to permanent Denial of Service (DOS). Las versiones de Dell Digital Delivery anteriores a 5.0.82.0 contienen una vulnerabilidad de Operación Insegura en Windows Junction / Mount Point. Un usuario malicioso local podría aprovechar esta vulnerabilidad para crear una carpeta arbitraria que provocaría una denegación de servicio (DOS) permanente. • https://www.dell.com/support/kbdoc/en-us/000216243/dsa-2023-224 • CWE-1386: Insecure Operation on Windows Junction / Mount Point •
CVE-2023-28072
https://notcve.org/view.php?id=CVE-2023-28072
Dell Alienware Command Center, versions prior to 5.5.51.0, contain a deserialization of untrusted data vulnerability. A local malicious user could potentially send specially crafted requests to the .NET Remoting server to run arbitrary code on the system. El centro de comandos Dell Alienware, versiones anteriores a 5.5.51.0,contienen una vulnerabilidad de Deserialización de Datos no Confiables. Un usuario local malintencionado podría enviar solicitudes especialmente diseñadas al servidor remoto .NET para ejecutar código arbitrario en el sistema. • https://www.dell.com/support/kbdoc/en-in/000212982/dsa-2023-158 • CWE-502: Deserialization of Untrusted Data •
CVE-2023-32457
https://notcve.org/view.php?id=CVE-2023-32457
Dell PowerScale OneFS, versions 8.2.2.x-9.5.0.x, contains an improper privilege management vulnerability. A remote attacker with low privileges could potentially exploit this vulnerability, leading to escalation of privileges. Dell PowerScale OneFS, versiones 8.2.2.x-9.5.0.x, contiene una vulnerabilidad de administración de privilegios incorrecta. Un atacante remoto con pocos privilegios podría explotar esta vulnerabilidad, lo que provocaría una escalada de privilegios. • https://www.dell.com/support/kbdoc/en-us/000216916/dsa-2023-277-security-update-for-dell-powerscale-onefs-for-improper-privilege-management-vulnerability • CWE-267: Privilege Defined With Unsafe Actions CWE-269: Improper Privilege Management •
CVE-2023-32453
https://notcve.org/view.php?id=CVE-2023-32453
Dell BIOS contains an improper authentication vulnerability. A malicious user with physical access to the system may potentially exploit this vulnerability in order to modify a security-critical UEFI variable without knowledge of the BIOS administrator. • https://www.dell.com/support/kbdoc/en-us/000215217/dsa-2023-190-dell-client-bios • CWE-287: Improper Authentication •