CVE-2024-39576
https://notcve.org/view.php?id=CVE-2024-39576
Dell Power Manager (DPM), versions 3.15.0 and prior, contains an Incorrect Privilege Assignment vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Code execution and Elevation of privileges. • https://www.dell.com/support/kbdoc/en-us/000227010/dsa-2024-323 • CWE-266: Incorrect Privilege Assignment •
CVE-2023-22576
https://notcve.org/view.php?id=CVE-2023-22576
Dell Repository Manager version 3.4.2 and earlier, contain a Local Privilege Escalation Vulnerability in Installation module. A local low privileged attacker may potentially exploit this vulnerability leading to the execution of arbitrary executable on the operating system with high privileges using the existing vulnerability in operating system. Exploitation may lead to unavailability of the service. • https://www.dell.com/support/kbdoc/en-us/000207513/dsa-2023-017-dell-emc-repository-manager-drm-security-update-for-an-improper-privilege-management-vulnerability • CWE-269: Improper Privilege Management •
CVE-2024-38305
https://notcve.org/view.php?id=CVE-2024-38305
Dell SupportAssist for Home PCs Installer exe version 4.0.3 contains a privilege escalation vulnerability in the installer. A local low-privileged authenticated attacker could potentially exploit this vulnerability, leading to the execution of arbitrary executables on the operating system with elevated privileges. • https://www.dell.com/support/kbdoc/en-us/000227899/dsa-2024-312-security-update-for-dell-supportassist-for-home-pcs-installer-file-local-privilege-escalation-vulnerability • CWE-426: Untrusted Search Path •
CVE-2024-38483
https://notcve.org/view.php?id=CVE-2024-38483
Dell BIOS contains an Improper Input Validation vulnerability in an externally developed component. A high privileged attacker with local access could potentially exploit this vulnerability, leading to Code execution. • https://www.dell.com/support/kbdoc/en-us/000225776/dsa-2024-260 • CWE-20: Improper Input Validation •
CVE-2024-28962
https://notcve.org/view.php?id=CVE-2024-28962
Dell Command | Update, Dell Update, and Alienware Update UWP, versions prior to 5.4, contain an Exposed Dangerous Method or Function vulnerability. An unauthenticated attacker with remote access could potentially exploit this vulnerability, leading to denial of service. Comando Dell | Update, Dell Update y Alienware Update UWP, versiones anteriores a la 5.4, contienen una vulnerabilidad de función o método peligroso expuesto. Un atacante no autenticado con acceso remoto podría explotar esta vulnerabilidad y provocar una denegación de servicio. • https://www.dell.com/support/kbdoc/en-us/000227236/dsa-2024-169 • CWE-610: Externally Controlled Reference to a Resource in Another Sphere •