CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2023-25934
https://notcve.org/view.php?id=CVE-2023-25934
DELL ECS prior to 3.8.0.2 contains an improper verification of cryptographic signature vulnerability. A network attacker with an ability to intercept the request could potentially exploit this vulnerability to modify the body data of the request. • https://www.dell.com/support/kbdoc/en-us/000212970/dsa-2023-109-dell-ecs-security-update-for-multiple-vulnerabilities • CWE-347: Improper Verification of Cryptographic Signature •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2023-28070
https://notcve.org/view.php?id=CVE-2023-28070
Alienware Command Center Application, versions 5.5.43.0 and prior, contain an improper access control vulnerability. A local malicious user could potentially exploit this vulnerability during installation or update process leading to privilege escalation. • https://www.dell.com/support/kbdoc/en-us/000212277/dsa-2023-135 • CWE-284: Improper Access Control •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2023-28047
https://notcve.org/view.php?id=CVE-2023-28047
Dell Display Manager, versions 2.1.0 and prior, contains an arbitrary file or folder creation vulnerability during installation. A local low privilege attacker could potentially exploit this vulnerability, leading to the execution of arbitrary code on the operating system with high privileges. • https://www.dell.com/support/kbdoc/en-uk/000211727/dsa-2023 • CWE-272: Least Privilege Violation •
CVSS: 8.8EPSS: 0%CPEs: 3EXPL: 0CVE-2023-28062
https://notcve.org/view.php?id=CVE-2023-28062
Dell PPDM versions 19.12, 19.11 and 19.10, contain an improper access control vulnerability. A remote authenticated malicious user with low privileges could potentially exploit this vulnerability to bypass intended access restrictions and perform unauthorized actions. • https://www.dell.com/support/kbdoc/en-us/000212242/dsa-2023-137-dell-powerprotect-data-manager-security-update-for-proprietary-code-vulnerability • CWE-648: Incorrect Use of Privileged APIs •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2023-28051
https://notcve.org/view.php?id=CVE-2023-28051
Dell Power Manager, versions 3.10 and prior, contains an Improper Access Control vulnerability. A low-privileged attacker could potentially exploit this vulnerability to elevate privileges on the system. • https://www.dell.com/support/kbdoc/en-us/000211891/dsa-2023-221-dell-power-manager • CWE-284: Improper Access Control •