CVE-2023-28072
https://notcve.org/view.php?id=CVE-2023-28072
Dell Alienware Command Center, versions prior to 5.5.51.0, contain a deserialization of untrusted data vulnerability. A local malicious user could potentially send specially crafted requests to the .NET Remoting server to run arbitrary code on the system. El centro de comandos Dell Alienware, versiones anteriores a 5.5.51.0,contienen una vulnerabilidad de Deserialización de Datos no Confiables. Un usuario local malintencionado podría enviar solicitudes especialmente diseñadas al servidor remoto .NET para ejecutar código arbitrario en el sistema. • https://www.dell.com/support/kbdoc/en-in/000212982/dsa-2023-158 • CWE-502: Deserialization of Untrusted Data •
CVE-2023-28070
https://notcve.org/view.php?id=CVE-2023-28070
Alienware Command Center Application, versions 5.5.43.0 and prior, contain an improper access control vulnerability. A local malicious user could potentially exploit this vulnerability during installation or update process leading to privilege escalation. • https://www.dell.com/support/kbdoc/en-us/000212277/dsa-2023-135 • CWE-284: Improper Access Control •
CVE-2023-24569
https://notcve.org/view.php?id=CVE-2023-24569
Dell Alienware Command Center versions 5.5.37.0 and prior contain an Improper Input validation vulnerability. A local authenticated malicious user could potentially send malicious input to a named pipe in order to elevate privileges on the system. • https://www.dell.com/support/kbdoc/en-us/000208327/dsa-2023-044 • CWE-20: Improper Input Validation •