Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
Vulnerability Details :

CVE-2025-22394

Summary
Assigner-dell
Assigner Org ID-c550e75a-17ff-4988-97f0-544cde3820fe
Published At-15 Jan, 2025 | 04:41
Updated At-15 Jan, 2025 | 15:06
Rejected At-
Credits

Dell Display Manager, versions prior to 2.3.2.18, contain a Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to code execution and possibly privilege escalation.

Vendors
-
Not available
Products
-
Metrics (CVSS)
VersionBase scoreBase severityVector
Weaknesses
Attack Patterns
Solution/Workaround
References
HyperlinkResource Type
EPSS History
Score
Latest Score
-
N/A
No data available for selected date range
Percentile
Latest Percentile
-
N/A
No data available for selected date range
Stakeholder-Specific Vulnerability Categorization (SSVC)
▼Common Vulnerabilities and Exposures (CVE)
cve.org
Assigner:dell
Assigner Org ID:c550e75a-17ff-4988-97f0-544cde3820fe
Published At:15 Jan, 2025 | 04:41
Updated At:15 Jan, 2025 | 15:06
Rejected At:
▼CVE Numbering Authority (CNA)

Dell Display Manager, versions prior to 2.3.2.18, contain a Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to code execution and possibly privilege escalation.

Affected Products
Vendor
Dell Inc.Dell
Product
Dell Display Manager
Default Status
unaffected
Versions
Affected
  • From N/A before 2.3.2.20 (semver)
Problem Types
TypeCWE IDDescription
CWECWE-367CWE-367: Time-of-check Time-of-use (TOCTOU) Race Condition
Type: CWE
CWE ID: CWE-367
Description: CWE-367: Time-of-check Time-of-use (TOCTOU) Race Condition
Metrics
VersionBase scoreBase severityVector
3.16.7MEDIUM
CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H
Version: 3.1
Base score: 6.7
Base severity: MEDIUM
Vector:
CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://www.dell.com/support/kbdoc/en-us/000267927/dsa-2025-033
vendor-advisory
Hyperlink: https://www.dell.com/support/kbdoc/en-us/000267927/dsa-2025-033
Resource:
vendor-advisory
▼Authorized Data Publishers (ADP)
CISA ADP Vulnrichment
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
Information is not available yet
▼National Vulnerability Database (NVD)
nvd.nist.gov
Source:security_alert@emc.com
Published At:15 Jan, 2025 | 05:15
Updated At:04 Feb, 2025 | 15:51

Dell Display Manager, versions prior to 2.3.2.18, contain a Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to code execution and possibly privilege escalation.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Secondary3.16.7MEDIUM
CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H
Primary3.17.0HIGH
CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
Type: Secondary
Version: 3.1
Base score: 6.7
Base severity: MEDIUM
Vector:
CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H
Type: Primary
Version: 3.1
Base score: 7.0
Base severity: HIGH
Vector:
CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
CPE Matches
Dell Inc.
dell
>>display_manager>>Versions before 2.3.2.20(exclusive)
cpe:2.3:a:dell:display_manager:*:*:*:*:*:*:*:*
Weaknesses
CWE IDTypeSource
CWE-367Primarysecurity_alert@emc.com
CWE ID: CWE-367
Type: Primary
Source: security_alert@emc.com
Evaluator Description
Evaluator Impact

Evaluator Solution

Vendor Statements
References
HyperlinkSourceResource
https://www.dell.com/support/kbdoc/en-us/000267927/dsa-2025-033security_alert@emc.com
Vendor Advisory
Hyperlink: https://www.dell.com/support/kbdoc/en-us/000267927/dsa-2025-033
Source: security_alert@emc.com
Resource:
Vendor Advisory

Change History

0
Information is not available yet

Similar CVEs

164Records found
CVE-2022-26859
Matching Score-10
Assigner-Dell
ShareView Details
Matching Score-10
Assigner-Dell
CVSS Score-6.1||MEDIUM
EPSS-0.01% / 0.32%
||
7 Day CHG~0.00%
Published-06 Sep, 2022 | 20:15
Updated-16 Sep, 2024 | 20:27
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Dell BIOS contains a race condition vulnerability. A local attacker could exploit this vulnerability by sending malicious input via SMI in order to bypass security checks during SMM.

Action-Not Available
Vendor-Dell Inc.
Product-latitude_5401vostro_5391_firmwareoptiplex_7770_all-in-onexps_15_9510_firmwareinspiron_3470latitude_e7270inspiron_7300_firmwarelatitude_3520vostro_3468precision_3561_firmwareinspiron_7570vostro_3669xps_17_9710_firmwareg5_15_5587inspiron_5590_firmwareprecision_7560g7_17_7790_firmwarelatitude_5179latitude_7380_firmwarevostro_3888xps_13_9370inspiron_5570inspiron_7490vostro_3888_firmwarelatitude_e5270precision_7540wyse_7040_thin_clientwyse_5070latitude_9420inspiron_5490_firmwarelatitude_5590optiplex_5080inspiron_5502latitude_5511latitude_7390_2-in-1inspiron_7501precision_5530_2-in-1inspiron_7300_2-in-1precision_5550xps_17_9700inspiron_7580_firmwareprecision_7720vostro_5581_firmwarelatitude_5300vostro_3400latitude_3380_firmwareoptiplex_7760_aiog3_3500precision_5530_firmwareoptiplex_5040vostro_15_7580optiplex_5050latitude_7320latitude_3470inspiron_15_gaming_7577latitude_7300optiplex_7090optiplex_3050_aioprecision_3620_towervostro_5468g7_17_7700_firmwarexps_13_9360optiplex_5055_firmwareprecision_3431_toweroptiplex_3060_firmwareinspiron_5490_aio_firmwareinspiron_7000latitude_3420latitude_3590_firmwarelatitude_7490_firmwarevostro_5491_firmwareprecision_5520latitude_5310_2-in-1_firmwareinspiron_7490_firmwareinspiron_5409latitude_7400latitude_5591optiplex_5270_all-in-one_firmwareinspiron_3471inspiron_3511_firmwarelatitude_3390optiplex_5050_firmwareprecision_7520_firmwareoptiplex_7071_firmwarelatitude_5175_firmwareinspiron_7586optiplex_3040_firmwarelatitude_3400optiplex_5070latitude_3420_firmwareg5_5000inspiron_13_5378_firmwarexps_15_9575_2-in-1inspiron_5491_2-in-1_firmwarelatitude_7285_firmwareoptiplex_3090_firmwareoptiplex_3240_all-in-onexps_13_9370_firmwarevostro_3581_firmwareinspiron_7506_2-in-1_firmwarelatitude_7320_detachable_firmwarevostro_3581latitude_9410optiplex_7070latitude_3570optiplex_7080_firmwarelatitude_5420_rugged_firmwareinspiron_5491_aio_firmwareinspiron_15_5578_firmwarelatitude_5310vostro_5391latitude_3301inspiron_5594latitude_5420_ruggedoptiplex_7090_ultra_firmwarevostro_3268_firmwarevostro_3660inspiron_7000_firmwarelatitude_7220_rugged_extreme_tabletprecision_3450inspiron_5510latitude_7390_2-in-1_firmwarelatitude_5495inspiron_5400latitude_7480_firmwarevostro_3568latitude_e5470_firmwarevostro_5591vostro_5090precision_5560latitude_3190vostro_5370latitude_7220ex_rugged_extreme_tablet_firmwareinspiron_5580_firmwareinspiron_3881_firmwarelatitude_5488latitude_5521vostro_3478latitude_7380optiplex_5480_all-in-one_firmwareprecision_3540inspiron_3910inspiron_7510_firmwareinspiron_3580_firmwarelatitude_7520inspiron_3781_firmwarevostro_5370_firmwarewyse_5070_firmwarevostro_3670_firmwareinspiron_15_gaming_7577_firmwarelatitude_3310latitude_7414_rugged_extreme_firmwarelatitude_5290_2-in-1precision_7520vostro_3660_firmwarewyse_5470_all-in-one_firmwareinspiron_5482precision_7820_toweroptiplex_3090latitude_7290vostro_5410latitude_7212_rugged_extreme_tablet_firmwareinspiron_5402precision_7540_firmwareinspiron_7700_aiolatitude_7480vostro_3401_firmwareinspiron_7391_firmwarevostro_3881vostro_5401edge_gateway_5000_firmwareinspiron_5593wyse_5470_firmwarelatitude_5420_firmwareprecision_3561inspiron_7580vostro_5390_firmwareinspiron_5770latitude_3580vostro_5300precision_5820_tower_firmwareinspiron_3493_firmwarelatitude_3190_2-in-1_firmwarevostro_5301xps_15_9510inspiron_5480_firmwareinspiron_3590latitude_7210_2-in-1optiplex_xe3_firmwareinspiron_7590vostro_5880vostro_3268optiplex_7070_firmwarealienware_m15_r6_firmwareoptiplex_5270_all-in-oneinspiron_5410_2-in-1optiplex_xe3vostro_3584precision_5510latitude_3301_firmwareinspiron_7370vostro_3481_firmwarelatitude_5491latitude_9520_firmwareprecision_5560_firmwarevostro_5468_firmwarevostro_3690_firmwareoptiplex_7040inspiron_7386latitude_5520_firmwareoptiplex_5090optiplex_5480_all-in-oneinspiron_5591_2-in-1_firmwarelatitude_7280latitude_5400latitude_5410inspiron_7373_firmwareprecision_3541xps_8940optiplex_7050_firmwareprecision_7730_firmwarelatitude_3379_firmwarelatitude_5401_firmwareprecision_3551vostro_5491precision_5820_towerprecision_7730inspiron_7380precision_3640_tower_firmwareinspiron_7610latitude_7275_2-in-1_firmwarevostro_5301_firmwareg7_17_7790vostro_5890embedded_box_pc_3000inspiron_5400_2-in-1latitude_7285inspiron_7570_firmwarelatitude_5400_firmwareinspiron_7610_firmwareoptiplex_7770_all-in-one_firmwareinspiron_5400_2-in-1_firmwareinspiron_7391vostro_3671_firmwareprecision_3440vostro_5402optiplex_7090_ultrag5_5000_firmwareoptiplex_7470_all-in-oneoptiplex_7460_firmwareoptiplex_5250_firmwareinspiron_3576inspiron_3671_firmwareinspiron_7500_2-in-1_firmwareinspiron_5510_firmwareprecision_3550_firmwarevostro_3668_firmwarelatitude_3310_firmwarevostro_15_7580_firmwarelatitude_7214inspiron_3781vostro_3690inspiron_3576_firmwareinspiron_5300_firmwareg7_7588_firmwarelatitude_3570_firmwareoptiplex_3050_firmwareoptiplex_7490_all-in-onevostro_7500inspiron_7590_firmwareinspiron_7791_firmwarevostro_3568_firmwareprecision_7740_firmwareinspiron_15_3567latitude_7389vostro_3681inspiron_5570_firmwareprecision_7920_towerlatitude_7400_2-in-1_firmwareinspiron_3481inspiron_3780_firmwareprecision_3530g7_7588latitude_5411_firmwarelatitude_3510_firmwareinspiron_3470_firmwareinspiron_3593optiplex_7070_ultrainspiron_5370precision_7740xps_13_9365inspiron_3481_firmwareprecision_5530latitude_7275_2-in-1latitude_7310_firmwareoptiplex_7440_aioinspiron_15_5579_firmwareinspiron_7306_2-in-1xps_13_9310_firmwareinspiron_3790_firmwarelatitude_9510optiplex_3280_all-in-oneinspiron_5770_firmwareinspiron_7586_firmwareprecision_5760_firmwarelatitude_3180_firmwarevostro_3681_firmwarevostro_3580_firmwareinspiron_3581_firmwareinspiron_17_7773latitude_9510_firmwarevostro_5890_firmwareinspiron_3910_firmwareinspiron_5406_2-in-1optiplex_5490_aio_firmwareprecision_7760_firmwarelatitude_3490_firmwarelatitude_5300_2-in-1_firmwareinspiron_3511vostro_3668xps_13_9305_firmwareinspiron_5410latitude_7280_firmwarevostro_5502vostro_3670edge_gateway_3000latitude_5280latitude_5179_firmwareoptiplex_7780_all-in-oneinspiron_5490inspiron_15_5578inspiron_3501_firmwarelatitude_5300_firmwarewyse_7040_thin_client_firmwareinspiron_3880inspiron_5580latitude_5480_firmwareprecision_3930_rackprecision_7550vostro_3490inspiron_5391g5_15_5590_firmwareinspiron_5598latitude_5320_firmwarexps_7590_firmwareoptiplex_3080latitude_3480precision_5750latitude_rugged_5430vostro_3671inspiron_7591latitude_7310inspiron_7790latitude_5421_firmwareinspiron_7500inspiron_7790_firmwareg15_5511latitude_3379precision_5760vostro_3584_firmwareoptiplex_7480_all-in-onechengming_3990_firmwarevostro_3478_firmwareprecision_3520_firmwareinspiron_5594_firmwarechengming_3980precision_3551_firmwareoptiplex_7070_ultra_firmwareinspiron_7700_aio_firmwarevostro_3400_firmwarevostro_5310_firmwareoptiplex_7060latitude_5290_firmwarelatitude_7424_rugged_extremeinspiron_13_5379_firmwareoptiplex_7480_all-in-one_firmwareg5_5090_firmwareoptiplex_3240_all-in-one_firmwarelatitude_7390vostro_3500g3_15_3590latitude_3390_firmwareprecision_3240_compactinspiron_14_3476precision_7750_firmwarelatitude_3520_firmwarelatitude_5285_2-in-1_firmwareinspiron_5490_aiovostro_3401chengming_3991_firmwarevostro_3480_firmwarevostro_7590_firmwareprecision_3510_firmwareinspiron_7400inspiron_7370_firmwareprecision_3650_tower_firmwarelatitude_7389_firmwareinspiron_7500_2-in-1optiplex_7470_all-in-one_firmwarevostro_3510latitude_e7470precision_3630_tower_firmwareoptiplex_5040_firmwarexps_13_9310_2-in-1inspiron_3581inspiron_13_7378vostro_5568inspiron_5400_firmwareinspiron_15_5566_firmwarelatitude_5424_ruggedlatitude_5488_firmwareinspiron_5583inspiron_7500_firmwareprecision_3541_firmwareinspiron_5591_2-in-1g5_5500g5_15_5587_firmwareinspiron_15_7572inspiron_7506_2-in-1vostro_5568_firmwareg7_7500precision_3650_towerinspiron_7373latitude_7200_2-in-1latitude_5511_firmwarevostro_3490_firmwarevostro_3881_firmwareoptiplex_7040_firmwareinspiron_5493precision_3550inspiron_3891_firmwarelatitude_7370_firmwarelatitude_7370optiplex_3090_ultra_firmwarelatitude_7420_firmwareoptiplex_5070_firmwareinspiron_5501vostro_5501_firmwarelatitude_3310_2-in-1inspiron_5390_firmwareoptiplex_3090_ultralatitude_5490vostro_3070_firmwareinspiron_7390_firmwarexps_7590latitude_3190_2-in-1optiplex_7071edge_gateway_5000vostro_3481inspiron_3891inspiron_7786vostro_5310xps_13_9305latitude_9410_firmwarevostro_7590latitude_e7270_firmwarelatitude_5280_firmwarelatitude_3180inspiron_7300_2-in-1_firmwareinspiron_7706_2-in-1_firmwarelatitude_5300_2-in-1latitude_7424_rugged_extreme_firmwarelatitude_e5470optiplex_7090_firmwareoptiplex_3070_firmwareg15_5511_firmwarelatitude_7410_firmwarevostro_3667latitude_e7470_firmwareoptiplex_5260_all-in-oneprecision_7720_firmwarelatitude_5310_2-in-1vostro_3910inspiron_5491_aioinspiron_13_5378inspiron_3780inspiron_7380_firmwareg5_5500_firmwarelatitude_rugged_7330_firmwarelatitude_7390_firmwarelatitude_5500_firmwareprecision_7710latitude_5410_firmwarevostro_5090_firmwarelatitude_3400_firmwarevostro_3890latitude_3510precision_3560_firmwareinspiron_5584precision_3520inspiron_17_7773_firmwareinspiron_7573_firmwarelatitude_5495_firmwarelatitude_e5570vostro_5401_firmwareinspiron_3880_firmwareinspiron_5310_firmwareinspiron_5501_firmwareg5_5090optiplex_3050precision_7820_tower_firmwareoptiplex_5055optiplex_5080_firmwarelatitude_e5270_firmwareinspiron_5493_firmwarevostro_3471xps_17_9700_firmwareinspiron_3480_firmwareoptiplex_5060_firmwarevostro_3590vostro_5390vostro_3578vostro_5590_firmwarelatitude_3470_firmwareprecision_7530_firmwareinspiron_3790vostro_3583_firmwareinspiron_15_5566latitude_3190_firmwareinspiron_5494xps_15_9500latitude_5500inspiron_15_5582inspiron_5508_firmwareprecision_7550_firmwarelatitude_3500_firmwarechengming_3991latitude_5288_firmwareinspiron_7501_firmwareinspiron_5480optiplex_7760_aio_firmwareg15_5510_firmwarevostro_7510_firmwarelatitude_5290_2-in-1_firmwareinspiron_3471_firmwarevostro_3669_firmwarevostro_7510inspiron_7791latitude_5501latitude_7400_firmwareprecision_7710_firmwarelatitude_3590vostro_3501precision_3450_firmwareinspiron_7472_firmwarechengming_3990inspiron_5301vostro_3583latitude_5491_firmwarevostro_5880_firmwarexps_17_9710inspiron_3493precision_5750_firmwarelatitude_7214_firmwarexps_13_9365_firmwareoptiplex_3060optiplex_5060latitude_5285_2-in-1chengming_3988_firmwareinspiron_5482_firmwarelatitude_3410_firmwarelatitude_5520inspiron_7510vostro_5481wyse_5470_all-in-oneinspiron_7400_firmwareprecision_3530_firmwarelatitude_3320inspiron_5583_firmwarexps_13_9310_2-in-1_firmwarelatitude_5580_firmwarelatitude_3189inspiron_5410_2-in-1_firmwarexps_15_9575_2-in-1_firmwarevostro_3580precision_7750inspiron_7472latitude_5175inspiron_14_3467_firmwareembedded_box_pc_5000embedded_box_pc_3000_firmwarelatitude_3320_firmwareinspiron_3580vostro_3267_firmwarevostro_3470_firmwareg3_3579inspiron_7386_firmwareoptiplex_7080vostro_3578_firmwareg15_5510vostro_7500_firmwarelatitude_5480inspiron_5310vostro_5510_firmwarevostro_5471_firmwareinspiron_14_3476_firmwareoptiplex_3046vostro_3468_firmwarelatitude_5414_rugged_firmwarelatitude_5424_rugged_firmwarelatitude_rugged_7330inspiron_15_5582_firmwarelatitude_7300_firmwarelatitude_5421latitude_9420_firmwarelatitude_5510g7_17_7700inspiron_5401_aio_firmwarevostro_5300_firmwarewyse_5470optiplex_5090_firmwarevostro_3501_firmwareinspiron_3593_firmwareoptiplex_7780_all-in-one_firmwarevostro_3710_firmwareinspiron_5481inspiron_5494_firmwareprecision_3440_firmwareprecision_5530_2-in-1_firmwarexps_27_7760inspiron_7786_firmwarelatitude_3310_2-in-1_firmwareinspiron_15_5579latitude_5320latitude_7410inspiron_3590_firmwarelatitude_5501_firmwarexps_27_7760_firmwareoptiplex_3280_all-in-one_firmwarexps_15_9500_firmwarelatitude_5411precision_7760optiplex_7450_firmwareinspiron_7306_2-in-1_firmwareoptiplex_7450vostro_3500_firmwareoptiplex_3050_aio_firmwareinspiron_15_3567_firmwareg3_3579_firmwarelatitude_7320_detachableinspiron_5509latitude_3480_firmwarelatitude_3189_firmwarelatitude_9520xps_13_9360_firmwarevostro_3590_firmwareinspiron_5406_2-in-1_firmwareinspiron_5498optiplex_7440_aio_firmwarelatitude_7420inspiron_7591_firmwarelatitude_5290inspiron_5300inspiron_7706_2-in-1inspiron_5508latitude_5289_firmwareprecision_5550_firmwarechengming_3980_firmwareinspiron_5491_2-in-1g7_7500_firmwarelatitude_3120_firmwarelatitude_5590_firmwareinspiron_15_7572_firmwareinspiron_5590vostro_5481_firmwarevostro_5490inspiron_5301_firmwarevostro_3267inspiron_14_3467g3_15_3590_firmwareinspiron_3671inspiron_5408_firmwareinspiron_5498_firmwareprecision_5540vostro_5490_firmwareinspiron_3480latitude_7520_firmwarelatitude_3490precision_3930_rack_firmwarevostro_3710inspiron_3670latitude_5420inspiron_7300inspiron_3793_firmwareinspiron_5402_firmwareinspiron_7390precision_3430_tower_firmwareprecision_7560_firmwarelatitude_3300_firmwarevostro_5471latitude_7400_2-in-1precision_3640_towervostro_5510inspiron_3490vostro_5581latitude_7210_2-in-1_firmwarelatitude_rugged_5430_firmwarexps_13_9310latitude_5510_firmwarevostro_3510_firmwareinspiron_3670_firmwarevostro_15_7570inspiron_5410_firmwarelatitude_7212_rugged_extreme_tabletlatitude_e5570_firmwareinspiron_5408latitude_7220_rugged_extreme_tablet_firmwarevostro_5410_firmwarevostro_5502_firmwareprecision_3540_firmwareoptiplex_3046_firmwarelatitude_3380latitude_5289g3_3500_firmwareprecision_3431_tower_firmwarevostro_3471_firmwareoptiplex_3080_firmwarelatitude_3410precision_5510_firmwarevostro_5402_firmwareprecision_3420_towerg5_15_5590optiplex_7490_all-in-one_firmwareinspiron_3881xps_13_9380latitude_7220ex_rugged_extreme_tabletlatitude_7414_rugged_extremeprecision_3420_tower_firmwarelatitude_5490_firmwarelatitude_5591_firmwareinspiron_3501latitude_5310_firmwarelatitude_3500vostro_3070inspiron_3793precision_3430_towerinspiron_5481_firmwarealienware_m15_r6precision_5520_firmwarevostro_3890_firmwareoptiplex_5490_aiochengming_3988xps_15_7590latitude_3300latitude_5580precision_3620_tower_firmwareinspiron_5584_firmwareedge_gateway_3000_firmwareprecision_5540_firmwareinspiron_5401_firmwareinspiron_7573vostro_5501vostro_5590xps_8940_firmwarelatitude_7320_firmwarelatitude_3120vostro_3480precision_3560inspiron_5401_aiooptiplex_5260_all-in-one_firmwareinspiron_5509_firmwareinspiron_5593_firmwarelatitude_7200_2-in-1_firmwareprecision_3630_towerlatitude_3580_firmwareinspiron_5598_firmwarevostro_3470latitude_5414_ruggedoptiplex_3070inspiron_13_7378_firmwareoptiplex_3040vostro_3910_firmwarelatitude_7290_firmwareprecision_7530inspiron_5370_firmwareinspiron_5391_firmwareinspiron_5502_firmwareoptiplex_7460xps_15_7590_firmwareembedded_box_pc_5000_firmwareoptiplex_7050inspiron_3490_firmwareinspiron_5409_firmwareprecision_3510xps_13_9380_firmwareinspiron_13_5379inspiron_5390latitude_5288latitude_7490optiplex_7060_firmwareprecision_3240_compact_firmwarelatitude_5521_firmwareinspiron_5401optiplex_5250vostro_3667_firmwareprecision_7920_tower_firmwarevostro_5591_firmwarevostro_15_7570_firmwareCPG BIOS
CWE ID-CWE-367
Time-of-check Time-of-use (TOCTOU) Race Condition
CVE-2024-53289
Matching Score-10
Assigner-Dell
ShareView Details
Matching Score-10
Assigner-Dell
CVSS Score-7.8||HIGH
EPSS-0.02% / 2.78%
||
7 Day CHG~0.00%
Published-11 Dec, 2024 | 07:40
Updated-04 Feb, 2025 | 16:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Dell ThinOS version 2408 contains a Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Elevation of Privileges.

Action-Not Available
Vendor-Dell Inc.
Product-thinosWyse Proprietary OS (Modern ThinOS)
CWE ID-CWE-367
Time-of-check Time-of-use (TOCTOU) Race Condition
CVE-2022-34398
Matching Score-10
Assigner-Dell
ShareView Details
Matching Score-10
Assigner-Dell
CVSS Score-7.5||HIGH
EPSS-0.04% / 10.06%
||
7 Day CHG~0.00%
Published-01 Feb, 2023 | 05:28
Updated-26 Mar, 2025 | 18:53
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Dell BIOS contains a Time-of-check Time-of-use vulnerability. A local authenticated malicious user could\u00a0potentially exploit this vulnerability by using a specifically timed DMA transaction during an SMI to gain arbitrary code execution on the system.

Action-Not Available
Vendor-Dell Inc.
Product-optiplex_7760_all-in-one_firmwarelatitude_5401optiplex_7770_all-in-oneinspiron_3470latitude_e7270precision_3541_firmwarealienware_m15_r1alienware_x15_r2vostro_3669inspiron_5680vostro_3881_firmwarelatitude_7200_2-in-1inspiron_5477_firmwarelatitude_5511_firmwarelatitude_7380_firmwareprecision_3550vostro_3888inspiron_5490_all-in-one_firmwaredell_g3_15_3590inspiron_5570latitude_7370vostro_3888_firmwarelatitude_7370_firmwareoptiplex_5070_firmwarealienware_aurora_r13precision_7540latitude_3390_2-in-1latitude_3310_2-in-1wyse_5070latitude_5490alienware_area_51m_r1_firmwarelatitude_5590optiplex_5080latitude_5511latitude_7390_2-in-1latitude_7214_rugged_extreme_firmwareprecision_5530_2-in-1alienware_m17_r2vostro_3070_firmwarelatitude_3190_2-in-1optiplex_7071alienware_x14_firmwarealienware_m15_r1_firmwaredell_g5_5000_firmwareinspiron_3583alienware_m17_r3_firmwarelatitude_5300precision_7720edge_gateway_5000vostro_3481alienware_x14latitude_9410_firmwarevostro_7590precision_5530_firmwarelatitude_e7270_firmwarelatitude_5280_firmwarelatitude_3180latitude_5300_2-in-1latitude_7424_rugged_extreme_firmwareoptiplex_5050optiplex_3070_firmwarealienware_aurora_r11latitude_7410_firmwarevostro_3667latitude_7300alienware_x15_r2_firmwarelatitude_e7470_firmwareprecision_3620_toweroptiplex_5260_all-in-oneprecision_7720_firmwarelatitude_5310_2-in-1precision_3431_toweroptiplex_3060_firmwareinspiron_3780inspiron_3782latitude_3590_firmwarelatitude_7490_firmwarealienware_m15_r2latitude_7390_firmwarelatitude_5500_firmwareprecision_7710latitude_5410_firmwareprecision_5520vostro_5090_firmwarelatitude_5310_2-in-1_firmwarexps_8950latitude_7400latitude_5591optiplex_5270_all-in-one_firmwareinspiron_3502_firmwareprecision_3520dell_g3_3579inspiron_3471inspiron_3880_firmwareoptiplex_5050_firmwareprecision_7520_firmwareoptiplex_7071_firmwareoptiplex_3050precision_7820_tower_firmwareoptiplex_5080_firmwareoptiplex_7460_all-in-onevostro_3471optiplex_5070dell_latitude_3480_firmwareinspiron_3480_firmwarealienware_m15_r3optiplex_5060_firmwareoptiplex_3050_all-in-one_firmwarexps_15_9575_2-in-1optiplex_3090_firmwarevostro_3581_firmwareprecision_7530_firmwarealienware_m17_r4_firmwarealienware_x17_r1vostro_3581latitude_9410inspiron_7777optiplex_7070optiplex_7080_firmwarevostro_3583_firmwarelatitude_5420_rugged_firmwareinspiron_3521latitude_3190_firmwarelatitude_5310aurora_r14_firmwareinspiron_5490_all-in-oneoptiplex_7460_all-in-one_firmwareinspiron_5401_all-in-one_firmwaredell_g3_3779_firmwarelatitude_5420_ruggedvostro_3268_firmwarealienware_aurora_r8latitude_7220_rugged_extreme_tabletlatitude_5500alienware_x15_r1precision_7550_firmwarelatitude_7390_2-in-1_firmwareinspiron_5400latitude_7480_firmwareinspiron_5477chengming_3991latitude_5288_firmwarevostro_5090inspiron_5480latitude_3190inspiron_3510_firmwarelatitude_7220ex_rugged_extreme_tablet_firmwarealienware_aurora_r8_firmwarexps_8950_firmwareinspiron_3881_firmwarelatitude_5488latitude_5290_2-in-1_firmwareinspiron_3471_firmwarevostro_3669_firmwarelatitude_7380optiplex_5480_all-in-one_firmwareprecision_3540alienware_aurora_r11_firmwarealienware_x17_r2_firmwarelatitude_5501latitude_7400_firmwareprecision_7710_firmwareinspiron_3580_firmwarelatitude_3590inspiron_3781_firmwarewyse_5070_firmwareprecision_5720_all-in-onechengming_3990vostro_3670_firmwarelatitude_7214_rugged_extremeinspiron_3510inspiron_3280_firmwarelatitude_3310latitude_7414_rugged_extreme_firmwarelatitude_5290_2-in-1precision_7520vostro_3583alienware_x17_r2wyse_5470_all-in-one_firmwarelatitude_5491_firmwarevostro_5880_firmwareprecision_7820_toweroptiplex_3090latitude_7290latitude_7212_rugged_extreme_tablet_firmwarealienware_area_51m_r1precision_7540_firmwarelatitude_13_3380_firmwareinspiron_3582latitude_7480latitude_7285_2-in-1_firmwareoptiplex_3060vostro_3881wyse_5470_firmwareoptiplex_5060latitude_5285_2-in-1edge_gateway_5000_firmwarechengming_3988_firmwareinspiron_3584inspiron_5770alienware_m17_r2_firmwarewyse_5470_all-in-onelatitude_3580precision_5820_tower_firmwareprecision_3530_firmwarelatitude_3190_2-in-1_firmwarelatitude_5580_firmwareinspiron_5480_firmwareinspiron_5481_2-in-1latitude_7210_2-in-1latitude_3189optiplex_xe3_firmwareinspiron_7590xps_15_9575_2-in-1_firmwarevostro_5880vostro_3580latitude_13_3380vostro_3268precision_7750optiplex_7070_firmwarevostro_3584optiplex_5270_all-in-oneoptiplex_xe3embedded_box_pc_5000dell_g5_15_5590embedded_box_pc_3000_firmwarevostro_3481_firmwareinspiron_3502latitude_5491inspiron_3580vostro_3267_firmwarevostro_3470_firmwareoptiplex_7080alienware_aurora_r12optiplex_5480_all-in-onealienware_aurora_r9dell_g7_15_7590_firmwarelatitude_7280alienware_area_51m_r2_firmwarelatitude_5400alienware_m15_r4_firmwarealienware_aurora_r13_firmwarelatitude_5410latitude_5480precision_3541xps_8940optiplex_7050_firmwareprecision_7730_firmwareprecision_3551latitude_5401_firmwarealienware_m17_r3precision_5820_towerprecision_7730latitude_5414_rugged_firmwareprecision_3640_tower_firmwarelatitude_5424_rugged_firmwarelatitude_7275_2-in-1_firmwarelatitude_7300_firmwarealienware_x15_r1_firmwareembedded_box_pc_3000latitude_5510dell_g3_3779optiplex_7770_all-in-one_firmwarelatitude_5400_firmwarewyse_5470alienware_m17_r4optiplex_7780_all-in-one_firmwareinspiron_7700_all-in-onevostro_3671_firmwareprecision_3440precision_7510_firmwareprecision_3440_firmwareprecision_5530_2-in-1_firmwarealienware_x17_r1_firmwarexps_8930optiplex_7470_all-in-onelatitude_3310_2-in-1_firmwareoptiplex_5250_firmwareinspiron_5680_firmwarealienware_m15_r3_firmwareinspiron_3671_firmwareprecision_3550_firmwarevostro_3668_firmwarelatitude_7410latitude_3310_firmwarelatitude_5501_firmwaredell_g3_15_3590_firmwareinspiron_3781optiplex_3280_all-in-one_firmwarelatitude_5411optiplex_3050_firmwarealienware_aurora_r10_firmwareoptiplex_7450_firmwareoptiplex_7450inspiron_7590_firmwareinspiron_3521_firmwareprecision_7740_firmwaredell_g5_5090_firmwarelatitude_7285_2-in-1latitude_3189_firmwarealienware_m15_r2_firmwarelatitude_7389vostro_3681inspiron_7591_firmwaredell_g5_15_5590_firmwareinspiron_5570_firmwareprecision_7920_towerlatitude_5290latitude_7400_2-in-1_firmwarelatitude_5289_firmwarechengming_3980_firmwareinspiron_3481inspiron_3780_firmwareprecision_3530inspiron_3582_firmwarelatitude_5411_firmwarelatitude_3120_firmwareinspiron_3470_firmwareaurora_r14latitude_5590_firmwareoptiplex_7070_ultraprecision_7740vostro_3267inspiron_3671inspiron_3481_firmwareprecision_5530latitude_7275_2-in-1latitude_7310_firmwareprecision_5540optiplex_3050_all-in-onedell_latitude_3580_firmwareinspiron_3584_firmwarelatitude_9510optiplex_3280_all-in-onewyse_7040_thininspiron_3480inspiron_3583_firmwareinspiron_5770_firmwarelatitude_3490precision_3930_rack_firmwareinspiron_3670latitude_3180_firmwarevostro_3681_firmwarealienware_m17_r1_firmwarevostro_3580_firmwareinspiron_3581_firmwarelatitude_9510_firmwareprecision_3430_tower_firmwarelatitude_3300_firmwarelatitude_7400_2-in-1precision_3640_towerdell_g5_5090latitude_3490_firmwarelatitude_5300_2-in-1_firmwarevostro_3668latitude_7210_2-in-1_firmwareoptiplex_7760_all-in-onelatitude_7280_firmwarelatitude_5510_firmwarevostro_3670edge_gateway_3000latitude_5280inspiron_3670_firmwarelatitude_7212_rugged_extreme_tabletoptiplex_7780_all-in-onelatitude_7220_rugged_extreme_tablet_firmwareprecision_3540_firmwarelatitude_5300_firmwareinspiron_7777_firmwareinspiron_3482_firmwareinspiron_3880latitude_5289inspiron_5481_2-in-1_firmwarelatitude_5480_firmwareprecision_3431_tower_firmwarevostro_3471_firmwareoptiplex_3080_firmwareprecision_3930_rackprecision_7550precision_3420_towerinspiron_7700_all-in-one_firmwareinspiron_3881inspiron_3482dell_g3_3579_firmwarexps_13_9380latitude_7220ex_rugged_extreme_tabletlatitude_7414_rugged_extremeprecision_3420_tower_firmwareoptiplex_3080alienware_m17_r1alienware_area_51m_r2dell_g5_5000dell_g7_17_7790_firmwarelatitude_3480latitude_5490_firmwarelatitude_5591_firmwarelatitude_5310_firmwareinspiron_3782_firmwarevostro_3070alienware_m15_r4precision_3430_towervostro_3671precision_5520_firmwareinspiron_7591latitude_7310inspiron_5401_all-in-oneinspiron_7790wyse_7040_thin_firmwarechengming_3988inspiron_7790_firmwarexps_15_7590latitude_3300latitude_5580precision_3620_tower_firmwareedge_gateway_3000_firmwareprecision_5540_firmwarevostro_3584_firmwarelatitude_3390_2-in-1_firmwareoptiplex_7480_all-in-onechengming_3990_firmwarexps_8940_firmwaredell_g7_15_7590latitude_3120vostro_3480precision_3520_firmwarechengming_3980precision_3551_firmwareoptiplex_7070_ultra_firmwareoptiplex_5260_all-in-one_firmwareoptiplex_7060latitude_7200_2-in-1_firmwarelatitude_5290_firmwarelatitude_7424_rugged_extremevostro_3582_firmwareprecision_3630_towervostro_3470latitude_5414_ruggedoptiplex_7480_all-in-one_firmwarealienware_aurora_r9_firmwareoptiplex_3070inspiron_3280latitude_7390latitude_7290_firmwareprecision_7530xps_8930_firmwaredell_g7_17_7790precision_3240_compactprecision_7750_firmwareprecision_5720_all-in-one_firmwarealienware_aurora_r12_firmwarelatitude_5285_2-in-1_firmwareprecision_7510vostro_3480_firmwarechengming_3991_firmwarevostro_7590_firmwarexps_15_7590_firmwareembedded_box_pc_5000_firmwarealienware_aurora_r10optiplex_7050precision_3510_firmwareprecision_3510xps_13_9380_firmwarelatitude_7490latitude_5288latitude_7389_firmwareoptiplex_7060_firmwareprecision_3240_compact_firmwareoptiplex_7470_all-in-one_firmwarelatitude_e7470precision_3630_tower_firmwareoptiplex_5250inspiron_3581vostro_3582vostro_3667_firmwareprecision_7920_tower_firmwareinspiron_5400_firmwarelatitude_5424_ruggedlatitude_5488_firmwareCPG BIOS
CWE ID-CWE-367
Time-of-check Time-of-use (TOCTOU) Race Condition
CVE-2024-38301
Matching Score-8
Assigner-Dell
ShareView Details
Matching Score-8
Assigner-Dell
CVSS Score-6.7||MEDIUM
EPSS-0.18% / 39.78%
||
7 Day CHG~0.00%
Published-10 Jul, 2024 | 02:12
Updated-02 Aug, 2024 | 04:04
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Dell Alienware Command Center, version 5.7.3.0 and prior, contains an improper access control vulnerability. A low privileged attacker could potentially exploit this vulnerability, leading to denial of service on the local system and information disclosure.

Action-Not Available
Vendor-Dell Inc.
Product-Alienware Command Center (AWCC)alienware_command_center
CWE ID-CWE-1107
Insufficient Isolation of Symbolic Constant Definitions
CVE-2023-28080
Matching Score-8
Assigner-Dell
ShareView Details
Matching Score-8
Assigner-Dell
CVSS Score-6.7||MEDIUM
EPSS-0.05% / 13.38%
||
7 Day CHG~0.00%
Published-30 May, 2023 | 15:24
Updated-10 Jan, 2025 | 16:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

PowerPath for Windows, versions 7.0, 7.1 & 7.2 contains DLL Hijacking Vulnerabilities. A regular user (non-admin) can exploit these issues to potentially escalate privileges and execute arbitrary code in the context of NT AUTHORITY\SYSTEM.

Action-Not Available
Vendor-Dell Inc.
Product-powerpathPowerPath Windows
CWE ID-CWE-427
Uncontrolled Search Path Element
CVE-2023-28070
Matching Score-8
Assigner-Dell
ShareView Details
Matching Score-8
Assigner-Dell
CVSS Score-6.7||MEDIUM
EPSS-0.06% / 18.58%
||
7 Day CHG~0.00%
Published-03 May, 2023 | 08:05
Updated-30 Jan, 2025 | 21:32
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Alienware Command Center Application, versions 5.5.43.0 and prior, contain an improper access control vulnerability. A local malicious user could potentially exploit this vulnerability during installation or update process leading to privilege escalation.

Action-Not Available
Vendor-Dell Inc.
Product-alienware_command_centerAlienware Command Center (AWCC)
CWE ID-CWE-284
Improper Access Control
CVE-2023-28079
Matching Score-8
Assigner-Dell
ShareView Details
Matching Score-8
Assigner-Dell
CVSS Score-7||HIGH
EPSS-0.04% / 10.45%
||
7 Day CHG~0.00%
Published-30 May, 2023 | 15:20
Updated-10 Jan, 2025 | 16:39
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

PowerPath for Windows, versions 7.0, 7.1 & 7.2 contains Insecure File and Folder Permissions vulnerability. A regular user (non-admin) can exploit the weak folder and file permissions to escalate privileges and execute arbitrary code in the context of NT AUTHORITY\SYSTEM.

Action-Not Available
Vendor-Dell Inc.
Product-powerpathPowerPath Windows
CWE ID-CWE-276
Incorrect Default Permissions
CVE-2023-25542
Matching Score-8
Assigner-Dell
ShareView Details
Matching Score-8
Assigner-Dell
CVSS Score-7||HIGH
EPSS-0.04% / 10.83%
||
7 Day CHG~0.00%
Published-06 Apr, 2023 | 06:17
Updated-10 Feb, 2025 | 20:23
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Dell Trusted Device Agent, versions prior to 5.3.0, contain(s) an improper installation permissions vulnerability. An unauthenticated local attacker could potentially exploit this vulnerability, leading to escalated privileges.

Action-Not Available
Vendor-Dell Inc.
Product-trusted_device_agent Dell Trusted Device Client
CWE ID-CWE-276
Incorrect Default Permissions
CVE-2023-23696
Matching Score-8
Assigner-Dell
ShareView Details
Matching Score-8
Assigner-Dell
CVSS Score-7||HIGH
EPSS-0.08% / 24.10%
||
7 Day CHG~0.00%
Published-07 Feb, 2023 | 09:49
Updated-25 Mar, 2025 | 15:29
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Dell Command Intel vPro Out of Band, versions prior to 4.3.1, contain an Improper Authorization vulnerability. A locally authenticated malicious users could potentially exploit this vulnerability in order to write arbitrary files to the system.

Action-Not Available
Vendor-Dell Inc.
Product-command_\|_intel_vpro_out_of_bandDell Command Intel vPro Out of Band (DCIV)
CWE ID-CWE-285
Improper Authorization
CWE ID-CWE-863
Incorrect Authorization
CVE-2024-37129
Matching Score-8
Assigner-Dell
ShareView Details
Matching Score-8
Assigner-Dell
CVSS Score-6.7||MEDIUM
EPSS-0.02% / 2.33%
||
7 Day CHG~0.00%
Published-31 Jul, 2024 | 08:47
Updated-13 Aug, 2024 | 15:26
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Dell Inventory Collector, versions prior to 12.3.0.6 contains a Path Traversal vulnerability. A local authenticated malicious user could potentially exploit this vulnerability, leading to arbitrary code execution on the system.

Action-Not Available
Vendor-Dell Inc.
Product-inventory_collectorDell Inventory Collectorsupportassist_for_business_pcscommand_updatesupportassist_for_home_pcsupdatealienware_update
CWE ID-CWE-22
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
CVE-2023-22576
Matching Score-8
Assigner-Dell
ShareView Details
Matching Score-8
Assigner-Dell
CVSS Score-7||HIGH
EPSS-0.02% / 2.90%
||
7 Day CHG~0.00%
Published-21 Aug, 2024 | 09:44
Updated-23 Aug, 2024 | 16:56
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Dell Repository Manager version 3.4.2 and earlier, contain a Local Privilege Escalation Vulnerability in Installation module. A local low privileged attacker may potentially exploit this vulnerability leading to the execution of arbitrary executable on the operating system with high privileges using the existing vulnerability in operating system. Exploitation may lead to unavailability of the service.

Action-Not Available
Vendor-Dell Inc.
Product-repository_managerDell Repository Manager (DRM)repository_manager
CWE ID-CWE-269
Improper Privilege Management
CVE-2024-25958
Matching Score-8
Assigner-Dell
ShareView Details
Matching Score-8
Assigner-Dell
CVSS Score-6.7||MEDIUM
EPSS-0.03% / 8.32%
||
7 Day CHG~0.00%
Published-26 Mar, 2024 | 15:18
Updated-28 Jan, 2025 | 18:55
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Dell Grab for Windows, versions up to and including 5.0.4, contain Weak Application Folder Permissions vulnerability. A local authenticated attacker could potentially exploit this vulnerability, leading to privilege escalation, unauthorized access to application data, unauthorized modification of application data and service disruption.

Action-Not Available
Vendor-Dell Inc.
Product-grabGrab for Windowsgrab_for_windows
CWE ID-CWE-276
Incorrect Default Permissions
CVE-2022-33921
Matching Score-8
Assigner-Dell
ShareView Details
Matching Score-8
Assigner-Dell
CVSS Score-7||HIGH
EPSS-0.12% / 31.43%
||
7 Day CHG~0.00%
Published-12 Oct, 2022 | 19:25
Updated-15 May, 2025 | 15:33
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Dell GeoDrive, versions prior to 2.2, contains Multiple DLL Hijacking Vulnerabilities. A low privilege attacker could potentially exploit this vulnerability, leading to the execution of arbitrary code in the SYSTEM security context.

Action-Not Available
Vendor-Dell Inc.
Product-geodriveGeoDrive
CWE ID-CWE-427
Uncontrolled Search Path Element
CVE-2022-34396
Matching Score-8
Assigner-Dell
ShareView Details
Matching Score-8
Assigner-Dell
CVSS Score-7||HIGH
EPSS-0.04% / 9.53%
||
7 Day CHG~0.00%
Published-01 Feb, 2023 | 05:24
Updated-26 Mar, 2025 | 18:54
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Dell OpenManage Server Administrator (OMSA) version 10.3.0.0 and earlier contains a DLL Injection Vulnerability. A local low privileged authenticated attacker could potentially exploit this vulnerability, leading to the execution of arbitrary executable on the operating system with elevated privileges. Exploitation may lead to a complete system compromise.

Action-Not Available
Vendor-Dell Inc.
Product-openmanage_server_administratorOpenManage Server Administrator (OMSA)
CWE ID-CWE-427
Uncontrolled Search Path Element
CVE-2022-33922
Matching Score-8
Assigner-Dell
ShareView Details
Matching Score-8
Assigner-Dell
CVSS Score-7||HIGH
EPSS-0.11% / 30.14%
||
7 Day CHG~0.00%
Published-12 Oct, 2022 | 19:25
Updated-15 May, 2025 | 15:33
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Dell GeoDrive, versions prior to 2.2, contains Insecure File and Folder Permissions vulnerabilities. A low privilege attacker could potentially exploit this vulnerability, leading to the execution of arbitrary code in the SYSTEM security context. Dell recommends customers to upgrade at the earliest opportunity.

Action-Not Available
Vendor-Dell Inc.
Product-geodriveGeoDrive
CWE ID-CWE-276
Incorrect Default Permissions
CVE-2024-22428
Matching Score-8
Assigner-Dell
ShareView Details
Matching Score-8
Assigner-Dell
CVSS Score-7||HIGH
EPSS-0.05% / 13.29%
||
7 Day CHG~0.00%
Published-16 Jan, 2024 | 04:02
Updated-13 Nov, 2024 | 20:54
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Dell iDRAC Service Module, versions 5.2.0.0 and prior, contain an Incorrect Default Permissions vulnerability. It may allow a local unprivileged user to escalate privileges and execute arbitrary code on the affected system. Dell recommends customers upgrade at the earliest opportunity.

Action-Not Available
Vendor-Dell Inc.
Product-emc_idrac_service_moduleiDRAC Service Module (iSM)
CWE ID-CWE-276
Incorrect Default Permissions
CVE-2024-0155
Matching Score-8
Assigner-Dell
ShareView Details
Matching Score-8
Assigner-Dell
CVSS Score-7||HIGH
EPSS-0.11% / 29.68%
||
7 Day CHG~0.00%
Published-04 Mar, 2024 | 13:00
Updated-08 Jan, 2025 | 16:10
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Dell Digital Delivery, versions prior to 5.2.0.0, contain a Use After Free Vulnerability. A local low privileged attacker could potentially exploit this vulnerability, leading to application crash or execution of arbitrary code.

Action-Not Available
Vendor-Dell Inc.
Product-digital_deliveryDell Digital Delivery (D3)digital_delivery
CWE ID-CWE-416
Use After Free
CVE-2024-0159
Matching Score-8
Assigner-Dell
ShareView Details
Matching Score-8
Assigner-Dell
CVSS Score-6.7||MEDIUM
EPSS-0.11% / 29.77%
||
7 Day CHG~0.00%
Published-10 Apr, 2024 | 07:00
Updated-31 Jan, 2025 | 16:45
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Dell Alienware Command Center, versions 5.5.52.0 and prior, contain improper access control vulnerability, leading to Denial of Service on local system.

Action-Not Available
Vendor-Dell Inc.
Product-alienware_command_centerAlienware Command Center (AWCC)alienware_command_center
CWE ID-CWE-1107
Insufficient Isolation of Symbolic Constant Definitions
CVE-2024-0156
Matching Score-8
Assigner-Dell
ShareView Details
Matching Score-8
Assigner-Dell
CVSS Score-7||HIGH
EPSS-0.08% / 24.54%
||
7 Day CHG~0.00%
Published-04 Mar, 2024 | 12:54
Updated-08 Jan, 2025 | 16:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Dell Digital Delivery, versions prior to 5.2.0.0, contain a Buffer Overflow Vulnerability. A local low privileged attacker could potentially exploit this vulnerability, leading to arbitrary code execution and/or privilege escalation.

Action-Not Available
Vendor-Dell Inc.
Product-digital_deliveryDell Digital Delivery (D3)dell_digital_delivery
CWE ID-CWE-122
Heap-based Buffer Overflow
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2023-44282
Matching Score-8
Assigner-Dell
ShareView Details
Matching Score-8
Assigner-Dell
CVSS Score-6.7||MEDIUM
EPSS-0.04% / 12.04%
||
7 Day CHG~0.00%
Published-16 Nov, 2023 | 09:16
Updated-29 Aug, 2024 | 14:50
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Dell Repository Manager, 3.4.3 and prior, contains an Improper Access Control vulnerability in its installation module. A local low-privileged attacker could potentially exploit this vulnerability, leading to gaining escalated privileges.

Action-Not Available
Vendor-Dell Inc.
Product-repository_managerDell Repository Manager (DRM)
CWE ID-CWE-284
Improper Access Control
CWE ID-CWE-269
Improper Privilege Management
CVE-2023-44292
Matching Score-8
Assigner-Dell
ShareView Details
Matching Score-8
Assigner-Dell
CVSS Score-6.7||MEDIUM
EPSS-0.04% / 12.04%
||
7 Day CHG~0.00%
Published-16 Nov, 2023 | 09:22
Updated-14 Aug, 2024 | 18:08
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Dell Repository Manager, 3.4.3 and prior, contains an Improper Access Control vulnerability in its installation module. A local low-privileged attacker could potentially exploit this vulnerability, leading to gaining escalated privileges.

Action-Not Available
Vendor-Dell Inc.
Product-repository_managerDell Repository Manager (DRM)repository_manager
CWE ID-CWE-284
Improper Access Control
CWE ID-CWE-269
Improper Privilege Management
CVE-2023-43078
Matching Score-8
Assigner-Dell
ShareView Details
Matching Score-8
Assigner-Dell
CVSS Score-6.7||MEDIUM
EPSS-0.03% / 5.79%
||
7 Day CHG~0.00%
Published-28 Aug, 2024 | 05:33
Updated-19 Dec, 2024 | 15:53
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Dell Dock Firmware and Dell Client Platform contain an Improper Link Resolution vulnerability during installation resulting in arbitrary folder deletion, which could lead to Privilege Escalation or Denial of Service.

Action-Not Available
Vendor-Dell Inc.
Product-inspiron_24_5410_all-in-onelatitude_5401optiplex_7770_all-in-onexps_15_9510_firmwareinspiron_7300_firmwarelatitude_3520inspiron_13_5330precision_3561_firmwarexps_17_9710_firmwareoptiplex_tower_plus_7010_firmwareprecision_7770_firmwareprecision_7560inspiron_14_plus_7430alienware_x14_r2vostro_3888optiplex_all-in-one_7410_firmwarexps_13_9315inspiron_7490vostro_3888_firmwarelatitude_5430_rugged_laptopprecision_7540optiplex_5090_small_form_factor_firmwareinspiron_15_3511_firmwarewyse_5070latitude_9420alienware_x16_r1precision_5470_firmwaredell_precision_3630_towerlatitude_5590optiplex_5080latitude_5511precision_5530_2-in-1precision_5550inspiron_7501inspiron_5502optiplex_xe4_tower_firmwarechengming_3911_firmwarevostro_14_3430_firmwarexps_17_9700inspiron_16_7630_2-in-1optiplex_3000_microoptiplex_7000_microlatitude_5300vostro_3400g3_3500optiplex_3000_tower_firmwareprecision_5530_firmwaredell_precision_3430_toweroptiplex_micro_7010_firmwarelatitude_7320latitude_7300alienware_m18_r1precision_3431_toweroptiplex_3060_firmwarelatitude_3420latitude_7490_firmwareoptiplex_tower_7010latitude_5310_2-in-1_firmwareprecision_3570inspiron_7490_firmwareinspiron_5409latitude_7400latitude_5591optiplex_5270_all-in-one_firmwareinspiron_3471latitude_5531_firmwareoptiplex_7071_firmwareinspiron_14_5410precision_3570_firmwareoptiplex_5070latitude_3400precision_5770_firmwareinspiron_14_7430_2-in-1latitude_3420_firmwareg5_5000vostro_14_5410precision_5480inspiron_14_5420_firmwareoptiplex_3090_firmwareg15_5520_firmwarelatitude_3530inspiron_7506_2-in-1_firmwarexps_13_plus_9320alienware_m16_r1optiplex_7000_small_form_factor_firmwarelatitude_7320_detachable_firmwarelatitude_9410optiplex_7400_all-in-oneoptiplex_7070optiplex_7080_firmwarevostro_16_5630latitude_5420_rugged_firmwarelatitude_5310latitude_5530precision_7680latitude_5431_firmwarelatitude_3301latitude_5420_ruggedoptiplex_7090_ultra_firmwareg16_7620precision_3450chengming_3900latitude_5495inspiron_5400latitude_7330_firmwarexps_15_9520_firmwarevostro_3020_small_desktopprecision_5680_firmwarevostro_5090precision_5560latitude_7640latitude_3190vostro_15_3520_firmwareoptiplex_5400_all-in-one_firmwarelatitude_7430_firmwarelatitude_3330_firmwarelatitude_5540universal_dock_ud22_firmware_update_utilityinspiron_3881_firmwarevostro_15_3510latitude_5521xps_9315_2-in-1optiplex_5480_all-in-one_firmwareoptiplex_7000_tower_firmwareprecision_3540precision_5570_firmwareinspiron_3910inspiron_3580_firmwarelatitude_7520optiplex_7400_all-in-one_firmwarewyse_5070_firmwarelatitude_3310latitude_5290_2-in-1g7_7700_firmwarewyse_5470_all-in-one_firmwareoptiplex_3090latitude_7290latitude_3340vostro_7620_firmwareinspiron_16_7620_2-in-1inspiron_5402latitude_5430_firmwareprecision_7540_firmwarevostro_3401_firmwarevostro_3881wyse_5470_firmwareinspiron_24_5411_all-in-one_firmwareinspiron_5593latitude_5420_firmwareprecision_3561inspiron_14_7420_2-in-1optiplex_3000_towerlatitude_5440_firmwarelatitude_3190_2-in-1_firmwarevostro_5301precision_3460_xe_small_form_factor_firmwarexps_15_9510inspiron_16_plus_7620latitude_7210_2-in-1optiplex_xe3_firmwarevostro_5880precision_3260_compactoptiplex_7070_firmwarealienware_m15_r7_firmwarealienware_m15_r6_firmwareoptiplex_5270_all-in-oneoptiplex_xe3latitude_3301_firmwarelatitude_5491latitude_3140_firmwarelatitude_9520_firmwareprecision_5560_firmwarelatitude_5330vostro_3690_firmwarelatitude_5520_firmwareoptiplex_5480_all-in-oneinspiron_24_5410_all-in-one_firmwarelatitude_5400latitude_5410precision_7865_towerprecision_3541xps_8940latitude_9440_2-in-1precision_7730_firmwareprecision_3551latitude_5401_firmwareoptiplex_all-in-one_7410optiplex_3000_small_form_factor_firmwareprecision_7730inspiron_16_7610_firmwarevostro_5301_firmwarevostro_5890latitude_7230_rugged_extreme_firmwarealienware_m18_r1_firmwareoptiplex_7770_all-in-one_firmwarelatitude_5400_firmwareg16_7630latitude_5430_rugged_laptop_firmwarelatitude_9330_firmwareinspiron_7700_all-in-onevostro_3671_firmwareprecision_3440latitude_rugged_7220ex_firmwareinspiron_13_5320optiplex_7460_all_in_one_firmwarevostro_5402optiplex_tower_7010_firmwareoptiplex_7090_ultraoptiplex_7470_all-in-oneg5_5000_firmwareinspiron_3671_firmwareprecision_7960_tower_firmwareprecision_3550_firmwarelatitude_3310_firmwarevostro_3690g16_7620_firmwareprecision_3460_small_form_factor_firmwarexps_9315_2-in-1_firmwarevostro_7500latitude_7530optiplex_7490_all-in-onealienware_m15_r7precision_7740_firmwareoptiplex_5090_towervostro_15_3530g16_7630_firmwaredock_wd22tb4_firmware_update_utilityvostro_3681vostro_3591latitude_3440precision_7780latitude_7400_2-in-1_firmwarevostro_15_7510precision_3530latitude_5411_firmwarelatitude_3510_firmwareoptiplex_7070_ultrainspiron_13_5310_firmwareinspiron_3593precision_7740inspiron_15_5518_firmwareoptiplex_tower_plus_7010precision_5530latitude_7310_firmwareoptiplex_3000_thin_clientinspiron_7306_2-in-1latitude_7530_firmwarexps_13_9310_firmwarexps_13_7390_firmwarelatitude_9510optiplex_3280_all-in-oneinspiron_16_plus_7630precision_5760_firmwarevostro_14_3420precision_3580_firmwarevostro_3681_firmwarevostro_3580_firmwarevostro_5890_firmwareinspiron_3910_firmwareinspiron_5406_2-in-1precision_7760_firmwarelatitude_5300_2-in-1_firmwarexps_13_9305_firmwareinspiron_5410optiplex_7760_all-in-onevostro_15_7510_firmwareg7_7700vostro_5502latitude_3540_firmwareoptiplex_7780_all-in-oneinspiron_3501_firmwareinspiron_27_7720_all-in-one_firmwarelatitude_5300_firmwareinspiron_3880optiplex_7000_xe_microprecision_3930_rackprecision_7865_tower_firmwareprecision_7550xps_17_9720latitude_7440_firmwareoptiplex_small_form_factor_7010inspiron_15_3530_firmwareinspiron_14_plus_7420latitude_5320_firmwareprecision_3581optiplex_3080xps_13_9315_firmwareinspiron_15_3530xps_13_9300_firmwareprecision_5750optiplex_7460_all_in_oneinspiron_27_7710_all-in-one_firmwarevostro_3671precision_5570latitude_7310inspiron_14_5410_firmwarelatitude_5421_firmwarelatitude_7330_rugged_laptopinspiron_7500g15_5511precision_5760optiplex_7480_all-in-onechengming_3990_firmwareprecision_3551_firmwareinspiron_3020_small_desktop_firmwarelatitude_9430optiplex_7070_ultra_firmwarevostro_3400_firmwareoptiplex_7060latitude_7424_rugged_extremelatitude_5290_firmwareoptiplex_7480_all-in-one_firmwareg5_5090_firmwarelatitude_7390latitude_5440vostro_3500precision_3240_compactprecision_7750_firmwarelatitude_3520_firmwarevostro_3401vostro_3480_firmwarechengming_3991_firmwareinspiron_16_7630_2-in-1_firmwareprecision_5680inspiron_14_5418inspiron_7400latitude_9430_firmwareprecision_3650_tower_firmwarevostro_14_3420_firmwareinspiron_24_5411_all-in-oneoptiplex_7470_all-in-one_firmwareprecision_3630_tower_firmwarelatitude_7340_firmwarexps_13_9310_2-in-1latitude_7440intel_thunderbolt_controller_firmware_update_utilityinspiron_5400_firmwarelatitude_5424_ruggedvostro_15_3520optiplex_7760_all-in-one_firmwarelatitude_9510_2in1inspiron_7500_firmwareprecision_3541_firmwareg5_5500latitude_7330inspiron_14_5420inspiron_7506_2-in-1latitude_5330_firmwareg7_7500precision_3650_towervostro_3881_firmwarelatitude_7200_2-in-1latitude_5511_firmwarelatitude_3430_firmwareprecision_7960_towerprecision_3550inspiron_3891_firmwareoptiplex_3090_ultra_firmwareprecision_5480_firmwarexps_13_7390_2-in-1_firmwarelatitude_7420_firmwareoptiplex_5070_firmwareprecision_5860_tower_firmwarelatitude_3310_2-in-1optiplex_3090_ultraoptiplex_5090_tower_firmwarelatitude_5490vostro_5620_firmwareinspiron_16_7610latitude_7330_rugged_laptop_firmwarexps_7590latitude_3190_2-in-1optiplex_7071inspiron_3891xps_13_9305optiplex_7000_xe_micro_firmwarelatitude_9410_firmwareinspiron_7706_2-in-1_firmwarelatitude_5300_2-in-1inspiron_13_5330_firmwarelatitude_7424_rugged_extreme_firmwarelatitude_7220_rugged_extremeoptiplex_3070_firmwareg15_5511_firmwarelatitude_7410_firmwareprecision_3660optiplex_5260_all-in-onelatitude_5310_2-in-1optiplex_7090_tower_firmwarevostro_3910inspiron_15_7510_firmwareinspiron_14_5418_firmwareg5_5500_firmwareinspiron_3020_desktoplatitude_7390_firmwarelatitude_5500_firmwarelatitude_5410_firmwarelatitude_5430vostro_5090_firmwarexps_13_7390latitude_3530_firmwarelatitude_3400_firmwarevostro_3890latitude_3510precision_3560_firmwareinspiron_3880_firmwareg5_5090precision_5860_toweroptiplex_5080_firmwareinspiron_14_5430inspiron_14_7420_2-in-1_firmwarevostro_3471xps_17_9700_firmwareinspiron_3480_firmwareinspiron_15_7510latitude_5530_firmwareoptiplex_7000_micro_firmwareprecision_5470optiplex_5060_firmwareinspiron_16_5630_firmwarevostro_16_5630_firmwarevostro_3590precision_3470_firmwareoptiplex_small_form_factor_plus_7010inspiron_15_5510vostro_3020_tower_desktop_firmwareinspiron_16_plus_7620_firmwareprecision_7530_firmwarevostro_3583_firmwarelatitude_3190_firmwareoptiplex_5000_tower_firmwareoptiplex_micro_7010optiplex_xe4_towerxps_13_9300xps_15_9500latitude_5500precision_7550_firmwarelatitude_3500_firmwarechengming_3900_firmwarechengming_3991precision_3260_xe_compact_firmwareprecision_3260_xe_compactinspiron_7501_firmwareoptiplex_5090_small_form_factorg15_5510_firmwarelatitude_5290_2-in-1_firmwarelatitude_7220_rugged_extreme_firmwareinspiron_3471_firmwarelatitude_5501latitude_7400_firmwarevostro_3501vostro_5320_firmwarevostro_15_5510precision_3450_firmwarechengming_3990inspiron_15_3520_firmwareprecision_3460_small_form_factorinspiron_5301precision_3581_firmwarelatitude_5340optiplex_7090_towervostro_3583latitude_5491_firmwareprecision_3470vostro_5880_firmwareprecision_3480xps_17_9710precision_5750_firmwareoptiplex_small_form_factor_plus_7010_firmwaredock_hd22q_firmware_update_utilityoptiplex_3060optiplex_5060chengming_3988_firmwarelatitude_5520wyse_5470_all-in-onelatitude_3410_firmwareprecision_7680_firmwarevostro_13_5310_firmwareinspiron_7400_firmwareprecision_3260_compact_firmwarelatitude_7640_firmwareoptiplex_5400_all-in-onelatitude_3320precision_3530_firmwareprecision_3580latitude_3540xps_13_9310_2-in-1_firmwarealienware_x14_r2_firmwarevostro_5320vostro_3580precision_7750inspiron_3020_small_desktoplatitude_3430latitude_3320_firmwareinspiron_3580optiplex_5490_all-in-one_firmwareoptiplex_7080g15_5510inspiron_15_5518vostro_7500_firmwarevostro_14_3430xps_17_9730latitude_9330inspiron_16_7620_2-in-1_firmwareinspiron_15_3511latitude_7230_rugged_extremelatitude_9440_2-in-1_firmwarelatitude_5424_rugged_firmwareinspiron_15_3520optiplex_5000_small_form_factor_firmwarechengming_3910_firmwarelatitude_7300_firmwarelatitude_5421inspiron_16_5630latitude_9420_firmwareinspiron_24_5420_all-in-onelatitude_5510inspiron_5401_aio_firmwarewyse_5470latitude_7340optiplex_5090_micro_firmwarevostro_3501_firmwareinspiron_3593_firmwareinspiron_14_plus_7430_firmwareoptiplex_7780_all-in-one_firmwarevostro_3710_firmwareprecision_3440_firmwareprecision_5530_2-in-1_firmwareoptiplex_5000_micro_firmwareprecision_3640_firmwarelatitude_3310_2-in-1_firmwareinspiron_16_5620latitude_5320latitude_3330vostro_13_5310optiplex_7000_small_form_factorlatitude_7410xps_13_7390_2-in-1latitude_5501_firmwareprecision_3571optiplex_3280_all-in-one_firmwarexps_15_9500_firmwarelatitude_5411optiplex_5090_microvostro_3020_tower_desktopprecision_7760xps_17_9720_firmwarealienware_x16_r1_firmwareinspiron_7306_2-in-1_firmwarevostro_3500_firmwarelatitude_7320_detachablelatitude_9520inspiron_5509optiplex_5055_ryzen_apuvostro_3590_firmwareinspiron_5406_2-in-1_firmwareinspiron_27_7710_all-in-onelatitude_7420latitude_5290inspiron_7706_2-in-1precision_7670precision_5550_firmwareg7_7500_firmwareinspiron_24_5420_all-in-one_firmwarelatitude_3120_firmwarelatitude_5590_firmwareinspiron_16_plus_7630_firmwareinspiron_16_5620_firmwareprecision_7670_firmwareg15_5530inspiron_5301_firmwareinspiron_3671precision_5540precision_3571_firmwarevostro_5620inspiron_3480latitude_7520_firmwarelatitude_5431precision_3930_rack_firmwareoptiplex_3000_thin_client_firmwarevostro_3710latitude_5420precision_3480_firmwareinspiron_7300inspiron_3793_firmwareinspiron_5402_firmwareprecision_3430_tower_firmwareprecision_7560_firmwareoptiplex_micro_plus_7010latitude_3300_firmwarelatitude_3440_firmwarexps_15_9530_firmwarexps_17_9730_firmwarelatitude_7400_2-in-1precision_7770latitude_7210_2-in-1_firmwarexps_13_9310latitude_5510_firmwarelatitude_3340_firmwareinspiron_5410_firmwareoptiplex_5000_microinspiron_15_5510_firmwareinspiron_14_7430_2-in-1_firmwarevostro_5502_firmwareprecision_3540_firmwarexps_15_9530latitude_7430g3_3500_firmwareprecision_3431_tower_firmwarevostro_3471_firmwareoptiplex_3000_small_form_factoroptiplex_3080_firmwarexps_13_plus_9320_firmwarelatitude_3410optiplex_small_form_factor_7010_firmwarevostro_5402_firmwarevostro_15_3510_firmwareinspiron_7700_all-in-one_firmwareinspiron_3881optiplex_7490_all-in-one_firmwarevostro_14_5410_firmwarevostro_15_3530_firmwarelatitude_5531precision_3660_firmwarevostro_3020_small_desktop_firmwarechengming_3910optiplex_3000_micro_firmwareoptiplex_5000_small_form_factorprecision_7780_firmwarelatitude_5490_firmwarelatitude_5591_firmwareinspiron_3501inspiron_13_5310latitude_3140latitude_3500latitude_5310_firmwarelatitude_9510_2in1_firmwareinspiron_3793inspiron_27_7720_all-in-onelatitude_5540_firmwareprecision_3430_toweralienware_m15_r6vostro_3890_firmwaredock_wd19_firmware_update_utilitychengming_3988xps_15_7590latitude_3300optiplex_micro_plus_7010_firmwareprecision_5540_firmwareinspiron_5401_firmwarevostro_15_5510_firmwareprecision_3460_xe_small_form_factorxps_15_9520xps_8940_firmwarelatitude_7320_firmwareoptiplex_5490_all-in-onevostro_3480latitude_3120g15_5530_firmwareprecision_3560inspiron_5401_aiotpm_2.0_firmware_update_utilitydell_precision_3431_towerprecision_3640optiplex_5260_all-in-one_firmwarelatitude_rugged_7220exinspiron_5509_firmwareinspiron_5593_firmwarelatitude_7200_2-in-1_firmwareprecision_3630_toweralienware_m16_r1_firmwareinspiron_14_5430_firmwareinspiron_3020_desktop_firmwareoptiplex_3070inspiron_13_5320_firmwarevostro_3910_firmwarelatitude_7290_firmwareprecision_7530chengming_3911precision_5770vostro_7620dell_precision_5820_towerinspiron_5502_firmwarexps_15_7590_firmwareinspiron_5409_firmwareinspiron_14_plus_7420_firmwareg15_5520latitude_5340_firmwarelatitude_7490optiplex_7000_toweroptiplex_7060_firmwareprecision_3240_compact_firmwarelatitude_5521_firmwareoptiplex_5000_towerinspiron_5401Dell Client Platform, Dell Dock Firmwarelatitude_7320_firmwareg15_5530_firmwaredell_g7_7700_firmwarelatitude_3340_firmwareinspiron_24_5411_all-in-one_firmwarechengming_3988_firmwarelatitude_5290_firmwarelatitude_5420_firmwarealienware_m16_r1_firmwareg3_3500_firmwareg5_5090_firmwareoptiplex_3080_firmwareinspiron_3891_firmwareinspiron_13_5320_firmwarechengming_3900_firmwareinspiron_5301_firmwarelatitude_7290_firmwareoptiplex_5090_tower_firmwarealienware_x14_r2_firmwareinspiron_3593_firmwareinspiron_3880_firmwareinspiron_15_3530_firmwareprecision_3260_xe_compact_firmwarelatitude_5320_firmwareprecision_3660_firmwareoptiplex_5400_all-in-one_firmwarechengming_3991_firmwareg5_5000_firmwarealienware_m15_r7_firmwarealienware_m15_r6_firmwarelatitude_7220_rugged_extreme_firmwarelatitude_5340_firmwareoptiplex_3000_thin_client_firmwarelatitude_3420_firmwareprecision_3650_tower_firmwarelatitude_5530_firmwarelatitude_9520_firmwareoptiplex_5490_all-in-one_firmwareprecision_3630_tower_firmwarelatitude_3300_firmwareinspiron_13_5330_firmwareinspiron_14_5410_firmwareoptiplex_3090_firmwareg15_5511_firmware
CWE ID-CWE-59
Improper Link Resolution Before File Access ('Link Following')
CVE-2020-5385
Matching Score-8
Assigner-Dell
ShareView Details
Matching Score-8
Assigner-Dell
CVSS Score-6.7||MEDIUM
EPSS-0.02% / 3.32%
||
7 Day CHG~0.00%
Published-18 Aug, 2020 | 20:40
Updated-17 Sep, 2024 | 02:01
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Dell Encryption versions prior to 10.8 and Dell Endpoint Security Suite versions prior to 2.8 contain a privilege escalation vulnerability because of an incomplete fix for CVE-2020-5358. A local malicious user with low privileges could potentially exploit this vulnerability to gain elevated privilege on the affected system with the help of a symbolic link.

Action-Not Available
Vendor-Dell Inc.
Product-encryptionendpoint_security_suite_enterpriseDell Encryption Enterprise
CWE ID-CWE-732
Incorrect Permission Assignment for Critical Resource
CVE-2025-38738
Matching Score-8
Assigner-Dell
ShareView Details
Matching Score-8
Assigner-Dell
CVSS Score-6.7||MEDIUM
EPSS-0.01% / 1.21%
||
7 Day CHG~0.00%
Published-14 Aug, 2025 | 14:36
Updated-18 Aug, 2025 | 18:07
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

SupportAssist for Home PCs Installer exe version(s) 4.8.2.29006 and prior, contain(s) an Incorrect Privilege Assignment vulnerability in the Installer. A low privileged attacker with local access could potentially exploit this vulnerability, leading to elevation of privileges.

Action-Not Available
Vendor-Dell Inc.
Product-supportassist_for_home_pcsSupportAssist for Home PCs
CWE ID-CWE-266
Incorrect Privilege Assignment
CVE-2025-36612
Matching Score-8
Assigner-Dell
ShareView Details
Matching Score-8
Assigner-Dell
CVSS Score-6.7||MEDIUM
EPSS-0.01% / 1.21%
||
7 Day CHG~0.00%
Published-14 Aug, 2025 | 14:42
Updated-18 Aug, 2025 | 18:14
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

SupportAssist for Business PCs, version(s) 4.5.3 and prior, contain(s) an Incorrect Privilege Assignment vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to elevation of privileges.

Action-Not Available
Vendor-Dell Inc.
Product-supportassist_for_business_pcsSupportAssist for Business PCs
CWE ID-CWE-266
Incorrect Privilege Assignment
CVE-2020-26194
Matching Score-8
Assigner-Dell
ShareView Details
Matching Score-8
Assigner-Dell
CVSS Score-7||HIGH
EPSS-0.05% / 14.78%
||
7 Day CHG~0.00%
Published-09 Feb, 2021 | 21:25
Updated-17 Sep, 2024 | 02:12
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Dell EMC PowerScale OneFS versions 8.1.2 and 8.2.2 contain an Incorrect Permission Assignment for a Critical Resource vulnerability. This may allow a non-admin user with either ISI_PRIV_LOGIN_CONSOLE or ISI_PRIV_LOGIN_SSH privileges to exploit the vulnerability, leading to compromised cryptographic operations. Note: no non-admin users or roles have these privileges by default.

Action-Not Available
Vendor-Dell Inc.
Product-emc_powerscale_onefsPowerScale OneFS
CWE ID-CWE-732
Incorrect Permission Assignment for Critical Resource
CVE-2020-26181
Matching Score-8
Assigner-Dell
ShareView Details
Matching Score-8
Assigner-Dell
CVSS Score-7||HIGH
EPSS-0.04% / 10.10%
||
7 Day CHG~0.00%
Published-05 Jan, 2021 | 21:40
Updated-16 Sep, 2024 | 18:12
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Dell EMC Isilon OneFS versions 8.1 and later and Dell EMC PowerScale OneFS version 9.0.0 contain a privilege escalation vulnerability on a SmartLock Compliance mode cluster. The compadmin user connecting using ISI PRIV LOGIN SSH or ISI PRIV LOGIN CONSOLE can elevate privileges to the root user if they have ISI PRIV HARDENING privileges.

Action-Not Available
Vendor-Dell Inc.
Product-emc_isilon_onefsemc_powerscale_onefsPowerScale OneFS
CWE ID-CWE-269
Improper Privilege Management
CVE-2025-29983
Matching Score-8
Assigner-Dell
ShareView Details
Matching Score-8
Assigner-Dell
CVSS Score-6.7||MEDIUM
EPSS-0.02% / 3.72%
||
7 Day CHG~0.00%
Published-15 Apr, 2025 | 03:30
Updated-15 Aug, 2025 | 12:54
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Dell Trusted Device, versions prior to 7.0.3.0, contain an Improper Link Resolution Before File Access ('Link Following') vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Elevation of privileges.

Action-Not Available
Vendor-Dell Inc.
Product-trusted_device_agentDell Trusted Device Client
CWE ID-CWE-59
Improper Link Resolution Before File Access ('Link Following')
CVE-2025-29984
Matching Score-8
Assigner-Dell
ShareView Details
Matching Score-8
Assigner-Dell
CVSS Score-6.7||MEDIUM
EPSS-0.02% / 3.15%
||
7 Day CHG~0.00%
Published-15 Apr, 2025 | 03:38
Updated-15 Aug, 2025 | 13:06
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Dell Trusted Device, versions prior to 7.0.3.0, contain an Incorrect Default Permissions vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Elevation of privileges.

Action-Not Available
Vendor-Dell Inc.
Product-trusted_device_agentDell Trusted Device Client
CWE ID-CWE-284
Improper Access Control
CVE-2025-30100
Matching Score-8
Assigner-Dell
ShareView Details
Matching Score-8
Assigner-Dell
CVSS Score-6.7||MEDIUM
EPSS-0.02% / 4.37%
||
7 Day CHG~0.00%
Published-16 Apr, 2025 | 01:10
Updated-18 Apr, 2025 | 03:55
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Dell Alienware Command Center 6.x, versions prior to 6.7.37.0 contain an Improper Access Control Vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Elevation of privileges.

Action-Not Available
Vendor-Dell Inc.
Product-Alienware Command Center (AWCC)
CWE ID-CWE-284
Improper Access Control
CVE-2023-28065
Matching Score-8
Assigner-Dell
ShareView Details
Matching Score-8
Assigner-Dell
CVSS Score-6.7||MEDIUM
EPSS-0.06% / 17.59%
||
7 Day CHG~0.00%
Published-23 Jun, 2023 | 11:04
Updated-04 Dec, 2024 | 14:42
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Dell Command | Update, Dell Update, and Alienware Update versions 4.8.0 and prior contain an Insecure Operation on Windows Junction / Mount Point vulnerability. A local malicious user could potentially exploit this vulnerability leading to privilege escalation.

Action-Not Available
Vendor-Microsoft CorporationDell Inc.
Product-windowsalienware_updatecommand_updateupdateDell Command Update (DCU)
CWE ID-CWE-1386
Insecure Operation on Windows Junction / Mount Point
CWE ID-CWE-59
Improper Link Resolution Before File Access ('Link Following')
CVE-2019-3726
Matching Score-8
Assigner-Dell
ShareView Details
Matching Score-8
Assigner-Dell
CVSS Score-6.7||MEDIUM
EPSS-0.06% / 18.17%
||
7 Day CHG~0.00%
Published-24 Sep, 2019 | 15:31
Updated-16 Sep, 2024 | 17:58
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An Uncontrolled Search Path Vulnerability is applicable to the following: Dell Update Package (DUP) Framework file versions prior to 19.1.0.413, and Framework file versions prior to 103.4.6.69 used in Dell EMC Servers. Dell Update Package (DUP) Framework file versions prior to 3.8.3.67 used in Dell Client Platforms. The vulnerability is limited to the DUP framework during the time window when a DUP is being executed by an administrator. During this time window, a locally authenticated low privilege malicious user potentially could exploit this vulnerability by tricking an administrator into running a trusted binary, causing it to load a malicious DLL and allowing the attacker to execute arbitrary code on the victim system. The vulnerability does not affect the actual binary payload that the DUP delivers.

Action-Not Available
Vendor-Dell Inc.
Product-update_package_frameworkemc_serversclient_platformsDell Client Platforms: Dell Update Packages (DUP) Framework fileDell EMC Servers: Networking and Fibre Channel Drivers: Dell Update Package (DUP) Framework fileDell EMC Servers: all other Drivers, BIOS and Firmware: Dell Update Package (DUP) Framework file
CWE ID-CWE-427
Uncontrolled Search Path Element
CVE-2023-39254
Matching Score-8
Assigner-Dell
ShareView Details
Matching Score-8
Assigner-Dell
CVSS Score-6.7||MEDIUM
EPSS-0.04% / 12.45%
||
7 Day CHG~0.00%
Published-01 Mar, 2024 | 12:43
Updated-31 Jan, 2025 | 15:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Dell Update Package (DUP), Versions prior to 4.9.10 contain an Uncontrolled Search Path vulnerability. A malicious user with local access to the system could potentially exploit this vulnerability to run arbitrary code as admin.

Action-Not Available
Vendor-Dell Inc.
Product-update_package_frameworkDUP Frameworkupdate_package_framework
CWE ID-CWE-427
Uncontrolled Search Path Element
CVE-2025-22480
Matching Score-8
Assigner-Dell
ShareView Details
Matching Score-8
Assigner-Dell
CVSS Score-7||HIGH
EPSS-0.01% / 1.09%
||
7 Day CHG~0.00%
Published-13 Feb, 2025 | 16:04
Updated-18 Feb, 2025 | 18:39
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Dell SupportAssist OS Recovery versions prior to 5.5.13.1 contain a symbolic link attack vulnerability. A low-privileged attacker with local access could potentially exploit this vulnerability, leading to arbitrary file deletion and Elevation of Privileges.

Action-Not Available
Vendor-Dell Inc.
Product-supportassistDell SupportAssist OS Recovery
CWE ID-CWE-59
Improper Link Resolution Before File Access ('Link Following')
CWE ID-CWE-61
UNIX Symbolic Link (Symlink) Following
CVE-2023-32486
Matching Score-8
Assigner-Dell
ShareView Details
Matching Score-8
Assigner-Dell
CVSS Score-6.7||MEDIUM
EPSS-0.05% / 16.84%
||
7 Day CHG~0.00%
Published-16 Aug, 2023 | 13:24
Updated-08 Oct, 2024 | 19:12
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Dell PowerScale OneFS 9.5.x version contain a privilege escalation vulnerability. A low privilege local attacker could potentially exploit this vulnerability, leading to escalation of privileges.

Action-Not Available
Vendor-Dell Inc.
Product-powerscale_onefsPowerScale OneFS
CWE ID-CWE-250
Execution with Unnecessary Privileges
CVE-2023-32479
Matching Score-8
Assigner-Dell
ShareView Details
Matching Score-8
Assigner-Dell
CVSS Score-6.7||MEDIUM
EPSS-0.04% / 12.16%
||
7 Day CHG~0.00%
Published-06 Feb, 2024 | 08:09
Updated-22 Aug, 2024 | 19:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Dell Encryption, Dell Endpoint Security Suite Enterprise, and Dell Security Management Server versions prior to 11.9.0 contain privilege escalation vulnerability due to improper ACL of the non-default installation directory. A local malicious user could potentially exploit this vulnerability by replacing binaries in installed directory and taking reverse shell of the system leading to Privilege Escalation.

Action-Not Available
Vendor-Microsoft CorporationDell Inc.
Product-windowssecurity_management_serverencryptionendpoint_security_suite_enterpriseDell Security Management Server (Windows)Dell Endpoint Security Suite EnterpriseDell Encryptionsecurity_management_serverencryptionendpoint_security_suite_enterprise
CWE ID-CWE-284
Improper Access Control
CVE-2020-5358
Matching Score-8
Assigner-Dell
ShareView Details
Matching Score-8
Assigner-Dell
CVSS Score-6.7||MEDIUM
EPSS-0.02% / 2.50%
||
7 Day CHG~0.00%
Published-15 Jun, 2020 | 20:20
Updated-17 Sep, 2024 | 01:56
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Dell Encryption versions prior to 10.7 and Dell Endpoint Security Suite versions prior to 2.7 contain a privilege escalation vulnerability due to incorrect permissions. A local malicious user with low privileges could potentially exploit this vulnerability to gain elevated privilege on the affected system with the help of a symbolic link.

Action-Not Available
Vendor-Dell Inc.
Product-encryptionendpoint_security_suite_enterpriseDell Encryption Enterprise
CWE ID-CWE-732
Incorrect Permission Assignment for Critical Resource
CVE-2022-24413
Matching Score-6
Assigner-Dell
ShareView Details
Matching Score-6
Assigner-Dell
CVSS Score-4.4||MEDIUM
EPSS-0.03% / 8.11%
||
7 Day CHG~0.00%
Published-12 Apr, 2022 | 17:50
Updated-17 Sep, 2024 | 04:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Dell PowerScale OneFS, versions 8.2.2-9.3.x, contain a time-of-check-to-time-of-use vulnerability. A local user with access to the filesystem could potentially exploit this vulnerability, leading to data loss.

Action-Not Available
Vendor-Dell Inc.
Product-emc_powerscale_onefsPowerScale OneFS
CWE ID-CWE-367
Time-of-check Time-of-use (TOCTOU) Race Condition
CVE-2024-0163
Matching Score-6
Assigner-Dell
ShareView Details
Matching Score-6
Assigner-Dell
CVSS Score-5.3||MEDIUM
EPSS-0.06% / 18.60%
||
7 Day CHG~0.00%
Published-13 Mar, 2024 | 16:28
Updated-31 Jan, 2025 | 16:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Dell PowerEdge Server BIOS and Dell Precision Rack BIOS contain a TOCTOU race condition vulnerability. A local low privileged attacker could potentially exploit this vulnerability to gain access to otherwise unauthorized resources.

Action-Not Available
Vendor-Dell Inc.
Product-emc_xc_core_xc750poweredge_r860poweredge_r6625_firmwareemc_xc_core_xc7525_firmwarepoweredge_r750_firmwarepoweredge_r760xa_firmwarexc_core_xc760_firmwareemc_xc_core_xc650_firmwarepoweredge_r760xd2poweredge_c6620poweredge_xr5610emc_xc_core_xc650poweredge_c6620_firmwarepoweredge_r7615poweredge_r660_firmwarepoweredge_c6525poweredge_r6525poweredge_r860_firmwarepoweredge_r750xapoweredge_r750xs_firmwarexc_core_xc760emc_xc_core_xc750_firmwarepoweredge_r6525_firmwarepoweredge_r250poweredge_xe8640emc_xc_core_xc750xa_firmwarepoweredge_r7625_firmwarepoweredge_t550_firmwarepoweredge_hs5620_firmwarepoweredge_xr7620_firmwarepoweredge_xe9680_firmwarepoweredge_r350_firmwarepoweredge_mx750cpoweredge_hs5610_firmwarepoweredge_c6615poweredge_r760_firmwarepoweredge_r660xspoweredge_xe9640_firmwarepoweredge_r450poweredge_r6615_firmwarepoweredge_r7625poweredge_r250_firmwarepoweredge_mx750c_firmwarepoweredge_t550poweredge_c6525_firmwarexc_core_xc7625poweredge_r6615poweredge_xr8620t_firmwarepoweredge_r550poweredge_r650xs_firmwarepoweredge_r7515_firmwarepoweredge_r7525_firmwarepoweredge_r6515poweredge_hs5610poweredge_r6625poweredge_xr12poweredge_r650emc_xc_core_xc450emc_xc_core_xc7525poweredge_r550_firmwarepoweredge_xr8610tpoweredge_xr4520cpoweredge_xe9640poweredge_r750poweredge_r650xspoweredge_r760xapoweredge_r6515_firmwarepoweredge_r960poweredge_r350xc_core_xc660emc_xc_core_xc6520poweredge_r760xd2_firmwarepoweredge_c6615_firmwarepoweredge_t150poweredge_xe8640_firmwarepoweredge_xr4510c_firmwarepoweredge_t350_firmwarepoweredge_c6520_firmwarepoweredge_t560_firmwarepoweredge_xr7620poweredge_mx760c_firmwarepoweredge_xr4510cpoweredge_r960_firmwarepoweredge_xr8610t_firmwarepoweredge_t150_firmwarepoweredge_xr4520c_firmwarepoweredge_r7525poweredge_xe8545_firmwarepoweredge_r7615_firmwarexc_core_xc7625_firmwareemc_xc_core_xc450_firmwarepoweredge_xr8620tpoweredge_xr12_firmwarepoweredge_xr5610_firmwarepoweredge_r760xs_firmwarepoweredge_xe9680emc_xc_core_xc6520_firmwarexc_core_xc660_firmwarepoweredge_t560poweredge_c6520poweredge_r450_firmwarepoweredge_r650_firmwarepoweredge_mx760cemc_xc_core_xc750xapoweredge_xr11_firmwarepoweredge_r750xspoweredge_r660xs_firmwarepoweredge_xr11poweredge_r760xspoweredge_t350poweredge_r760poweredge_xe8545poweredge_r750xa_firmwarepoweredge_r7515poweredge_hs5620poweredge_r660PowerEdge BIOS Intel 16G
CWE ID-CWE-367
Time-of-check Time-of-use (TOCTOU) Race Condition
CVE-2024-0171
Matching Score-6
Assigner-Dell
ShareView Details
Matching Score-6
Assigner-Dell
CVSS Score-5.3||MEDIUM
EPSS-0.06% / 18.45%
||
7 Day CHG~0.00%
Published-25 Jun, 2024 | 15:30
Updated-20 Aug, 2024 | 13:25
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Dell PowerEdge Server BIOS contains an TOCTOU race condition vulnerability. A local low privileged attacker could potentially exploit this vulnerability to gain access to otherwise unauthorized resources.

Action-Not Available
Vendor-Dell Inc.
Product-poweredge_r7625_firmwarepoweredge_r7615_firmwarepoweredge_r7615xc_core_xc7625xc_core_xc7625_firmwarepoweredge_c6615poweredge_r6625_firmwarepoweredge_r6615_firmwarepoweredge_r6615poweredge_r6625poweredge_c6615_firmwarepoweredge_r7625PowerEdge Platform
CWE ID-CWE-367
Time-of-check Time-of-use (TOCTOU) Race Condition
CVE-2021-21539
Matching Score-6
Assigner-Dell
ShareView Details
Matching Score-6
Assigner-Dell
CVSS Score-5.9||MEDIUM
EPSS-0.43% / 61.68%
||
7 Day CHG~0.00%
Published-30 Apr, 2021 | 20:55
Updated-16 Sep, 2024 | 16:58
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Dell EMC iDRAC9 versions prior to 4.40.00.00 contain a Time-of-check Time-of-use (TOCTOU) race condition vulnerability. A remote authenticated attacker could potentially exploit this vulnerability to gain elevated privileges when a user with higher privileges is simultaneously accessing iDRAC through the web interface.

Action-Not Available
Vendor-Dell Inc.
Product-idrac9_firmwareIntegrated Dell Remote Access Controller (iDRAC)
CWE ID-CWE-367
Time-of-check Time-of-use (TOCTOU) Race Condition
CVE-2025-30101
Matching Score-6
Assigner-Dell
ShareView Details
Matching Score-6
Assigner-Dell
CVSS Score-4.4||MEDIUM
EPSS-0.02% / 4.18%
||
7 Day CHG~0.00%
Published-08 May, 2025 | 17:44
Updated-16 May, 2025 | 15:38
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Dell PowerScale OneFS, versions 9.8.0.0 through 9.10.1.0, contain a time-of-check time-of-use (TOCTOU) race condition vulnerability. An unauthenticated attacker with local access could potentially exploit this vulnerability, leading to denial of service and information tampering.

Action-Not Available
Vendor-Dell Inc.
Product-powerscale_onefsPowerScale OneFS
CWE ID-CWE-367
Time-of-check Time-of-use (TOCTOU) Race Condition
CVE-2023-28075
Matching Score-6
Assigner-Dell
ShareView Details
Matching Score-6
Assigner-Dell
CVSS Score-6.9||MEDIUM
EPSS-0.03% / 7.24%
||
7 Day CHG~0.00%
Published-16 Aug, 2023 | 19:15
Updated-08 Oct, 2024 | 19:02
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Dell BIOS contain a Time-of-check Time-of-use vulnerability in BIOS. A local authenticated malicious user with physical access to the system could potentially exploit this vulnerability by using a specifically timed DMA transaction during an SMI in order to gain arbitrary code execution on the system.

Action-Not Available
Vendor-Dell Inc.
Product-optiplex_7760_all-in-one_firmwareoptiplex_7770_all-in-oneinspiron_3470inspiron_7500_firmwareoptiplex_tower_plus_7010_firmwareprecision_3650_towervostro_3881_firmwarelatitude_7200_2-in-1latitude_5511_firmwareg7_17_7790_firmwarelatitude_3430_firmwareinspiron_5493optiplex_7410_all-in-onelatitude_7380_firmwareprecision_7960_towervostro_3888xps_13_9315inspiron_3891_firmwareinspiron_7490vostro_3888_firmwarexps_13_7390_2-in-1_firmwarelatitude_7420_firmwareprecision_5860_tower_firmwareprecision_7540inspiron_15_3511_firmwarelatitude_3310_2-in-1precision_5470_firmwarelatitude_5511latitude_7390_2-in-1precision_5530_2-in-1inspiron_7501inspiron_7300_2-in-1chengming_3911_firmwarevostro_3070_firmwareprecision_5720_aio_firmwarelatitude_3190_2-in-1inspiron_3583precision_7720edge_gateway_5000latitude_5300optiplex_3000_firmwareinspiron_3891vostro_3481xps_13_9305g3_3500latitude_9410_firmwareprecision_5530_firmwarevostro_7590latitude_5280_firmwarealienware_m18inspiron_7300_2-in-1_firmwarelatitude_3180latitude_5300_2-in-1latitude_7424_rugged_extreme_firmwareoptiplex_7090_firmwarevostro_3020_t_firmwarelatitude_7410_firmwarelatitude_7320g5_15_5500_firmwarelatitude_7300optiplex_7090precision_3660g7_17_7700_firmwareoptiplex_5260_all-in-oneprecision_7720_firmwarelatitude_5310_2-in-1vostro_3910inspiron_5490_aio_firmwareinspiron_5491_aioinspiron_3780latitude_7490_firmwarevostro_3020_tinspiron_14_5418_firmwarelatitude_7230_rugged_extreme_tablet_firmwarelatitude_rugged_7330_firmwarevostro_5491_firmwareinspiron_3020_desktoplatitude_7390_firmwarelatitude_5500_firmwarelatitude_5430precision_5520latitude_5310_2-in-1_firmwarexps_13_7390inspiron_7490_firmwarelatitude_3530_firmwarelatitude_3400_firmwareprecision_5720_aiovostro_3890latitude_7400optiplex_5270_all-in-one_firmwarechengming_3901_firmwareprecision_3520inspiron_3880_firmwareinspiron_3511_firmwareprecision_5860_towerprecision_7520_firmwareprecision_7820_tower_firmwareg7_15_7500inspiron_14_5410optiplex_7460_all-in-oneinspiron_5493_firmwarelatitude_3400inspiron_3480_firmwareoptiplex_xe4_firmwareprecision_5470optiplex_3050_all-in-one_firmwarexps_15_9575_2-in-1optiplex_3090_firmwareg15_5520_firmwarelatitude_3530precision_3470_firmwarevostro_3581_firmwareoptiplex_small_form_factor_plus_7010inspiron_15_5510vostro_3581latitude_9410optiplex_7400_all-in-oneoptiplex_7070vostro_3020_sffoptiplex_7080_firmwareoptiplex_7000chengming_3901vostro_3583_firmwarelatitude_5420_rugged_firmwareinspiron_5491_aio_firmwarelatitude_3190_firmwarealienware_m16latitude_5310optiplex_7460_all-in-one_firmwarelatitude_5431_firmwarelatitude_3301latitude_5420_ruggedxps_13_9300g16_7620latitude_5500precision_3450precision_7550_firmwarechengming_3900latitude_7390_2-in-1_firmwarelatitude_3500_firmwarechengming_3900_firmwareinspiron_5400latitude_7480_firmwarexps_15_9520_firmwarechengming_3991latitude_5288_firmwareprecision_5680_firmwarevostro_5591precision_3260_xe_compact_firmwareprecision_3260_xe_compactinspiron_7501_firmwarelatitude_3190optiplex_5400_all-in-one_firmwarelatitude_3330_firmwareinspiron_7500_2-in-1_blackinspiron_3881_firmwarevostro_7510_firmwarelatitude_5488latitude_5290_2-in-1_firmwarevostro_7510latitude_7380optiplex_5480_all-in-one_firmwareprecision_3540precision_5570_firmwareinspiron_3910inspiron_7510_firmwarelatitude_7400_firmwareinspiron_3580_firmwarelatitude_7520optiplex_7400_all-in-one_firmwareinspiron_3781_firmwareinspiron_7500_2-in-1_black_firmwareprecision_3450_firmwarechengming_3990vostro_3670_firmwareprecision_3460_small_form_factorlatitude_3310precision_7520latitude_5290_2-in-1vostro_3583wyse_5470_all-in-one_firmwareprecision_3470precision_7820_toweroptiplex_3090latitude_7290latitude_3340inspiron_3493vostro_5410latitude_7230_rugged_extreme_tabletlatitude_5430_firmwareprecision_7540_firmwareoptiplex_small_form_factor_plus_7010_firmwarelatitude_7480latitude_7285_2-in-1_firmwarevostro_3881wyse_5470_firmwarelatitude_5285_2-in-1optiplex_5000_firmwareedge_gateway_5000_firmwareinspiron_5593latitude_5420_firmwareoptiplex_5000inspiron_3584wyse_5470_all-in-oneinspiron_7510precision_5820_tower_firmwareinspiron_3493_firmwareprecision_3260_compact_firmwareoptiplex_5400_all-in-onelatitude_3320latitude_3190_2-in-1_firmwareprecision_3460_xe_small_form_factor_firmwarelatitude_3540xps_13_9310_2-in-1_firmwarelatitude_5580_firmwarelatitude_7210_2-in-1latitude_3189xps_15_9575_2-in-1_firmwareinspiron_7590vostro_3580inspiron_3020_small_desktopprecision_7750precision_3260_compactoptiplex_7070_firmwarealienware_m15_r7_firmwarevostro_3584optiplex_5270_all-in-oneinspiron_24_5421_all-in-one_firmwarelatitude_3430embedded_box_pc_5000optiplex_7000_firmwarelatitude_3301_firmwareembedded_box_pc_3000_firmwarevostro_3481_firmwarelatitude_3320_firmwareinspiron_3580latitude_3140_firmwarelatitude_9520_firmwarevostro_3470_firmwareoptiplex_5490_all-in-one_firmwarevostro_3690_firmwareoptiplex_7080optiplex_5090optiplex_5480_all-in-oneinspiron_15_5518latitude_7280vostro_7500_firmwarelatitude_5400latitude_9330latitude_5480inspiron_15_3511vostro_5510_firmwareprecision_3551vostro_5491precision_5820_towerprecision_3640_tower_firmwarelatitude_5424_rugged_firmwareinspiron_7610latitude_rugged_7330chengming_3910_firmwareg7_17_7790latitude_7300_firmwarevostro_5890embedded_box_pc_3000inspiron_24_5420_all-in-oneoptiplex_3000g7_17_7700inspiron_5401_aio_firmwareinspiron_24_5421_all-in-oneoptiplex_7770_all-in-one_firmwarelatitude_5400_firmwareinspiron_7610_firmwarewyse_5470optiplex_5090_firmwareg7_15_7590inspiron_3593_firmwareoptiplex_7780_all-in-one_firmwarelatitude_9330_firmwareinspiron_7700_all-in-onevostro_3710_firmwarelatitude_rugged_7220ex_firmwareprecision_5530_2-in-1_firmwareoptiplex_7470_all-in-onelatitude_3310_2-in-1_firmwareoptiplex_5250_firmwareprecision_7960_tower_firmwareg7_15_7500_firmwarelatitude_3330latitude_7410latitude_3310_firmwarexps_13_7390_2-in-1inspiron_3781vostro_3690optiplex_3280_all-in-one_firmwareg16_7620_firmwarelatitude_5411precision_3460_small_form_factor_firmwarevostro_3020_sff_firmwarevostro_7500optiplex_7490_all-in-oneoptiplex_7450_firmwareoptiplex_7450alienware_m15_r7inspiron_7590_firmwareprecision_7740_firmwarelatitude_9520latitude_7285_2-in-1latitude_3189_firmwarevostro_3681latitude_7420latitude_3440inspiron_7591_firmwareprecision_7920_towerlatitude_7400_2-in-1_firmwarechengming_3980_firmwareinspiron_3481inspiron_3780_firmwarelatitude_5411_firmwareinspiron_24_5420_all-in-one_firmwareinspiron_3470_firmwarelatitude_3120_firmwareinspiron_3593optiplex_7070_ultrainspiron_15_5518_firmwareprecision_7740optiplex_tower_plus_7010inspiron_3481_firmwareprecision_5530latitude_7310_firmwareoptiplex_3000_thin_clientprecision_5540optiplex_3050_all-in-onexps_13_9310_firmwareinspiron_3584_firmwarexps_13_7390_firmwarelatitude_9510optiplex_3280_all-in-oneinspiron_3480inspiron_3583_firmwarelatitude_7520_firmwarelatitude_5431precision_3930_rack_firmwareoptiplex_3000_thin_client_firmwarevostro_3710inspiron_3670latitude_5420inspiron_3793_firmwarelatitude_3180_firmwarevostro_3681_firmwarevostro_3580_firmwareinspiron_3581_firmwarelatitude_9510_firmwarevostro_5890_firmwareoptiplex_micro_plus_7010inspiron_3910_firmwarelatitude_3440_firmwarelatitude_7400_2-in-1precision_3640_towerlatitude_5300_2-in-1_firmwarevostro_5510inspiron_3511xps_13_9305_firmwarelatitude_7210_2-in-1_firmwarelatitude_rugged_5430_firmwarexps_13_9310inspiron_5410optiplex_7760_all-in-onelatitude_7280_firmwarevostro_3510_firmwarevostro_3670edge_gateway_3000latitude_5280inspiron_3670_firmwarelatitude_3340_firmwareinspiron_5410_firmwarelatitude_3540_firmwareoptiplex_7780_all-in-oneinspiron_15_5510_firmwarevostro_5410_firmwareinspiron_27_7720_all-in-one_firmwarelatitude_5300_firmwareprecision_3540_firmwareinspiron_3880g3_3500_firmwarelatitude_5480_firmwareprecision_3930_rackprecision_7550latitude_rugged_7220g5_15_5590g5_15_5590_firmwareinspiron_7700_all-in-one_firmwareinspiron_3881optiplex_7490_all-in-one_firmwarexps_13_9380precision_3660_firmwareg7_15_7590_firmwarechengming_3910xps_13_9315_firmwarelatitude_3140latitude_3500latitude_5310_firmwarevostro_3070xps_13_9300_firmwareinspiron_3793inspiron_27_7720_all-in-onelatitude_rugged_5430precision_5570precision_5520_firmwareinspiron_7591vostro_3890_firmwarelatitude_7310inspiron_14_5410_firmwareinspiron_7790inspiron_7500inspiron_7790_firmwarexps_15_7590latitude_5580edge_gateway_3000_firmwareoptiplex_micro_plus_7010_firmwareprecision_5540_firmwarevostro_3584_firmwarealienware_m16_firmwareoptiplex_7480_all-in-onechengming_3990_firmwareprecision_3460_xe_small_form_factorxps_15_9520latitude_7320_firmwareoptiplex_5490_all-in-onelatitude_3120latitude_rugged_7220_firmwareprecision_3520_firmwarevostro_3480chengming_3980precision_3551_firmwareinspiron_5401_aiog5_15_5500inspiron_3020_small_desktop_firmwareoptiplex_xe4optiplex_7070_ultra_firmwareoptiplex_5260_all-in-one_firmwarelatitude_rugged_7220exoptiplex_7060inspiron_5593_firmwarelatitude_7200_2-in-1_firmwarelatitude_7424_rugged_extremeoptiplex_7410_all-in-one_firmwareprecision_3630_towerinspiron_3020_desktop_firmwarevostro_3470optiplex_7480_all-in-one_firmwarelatitude_7390vostro_3910_firmwarelatitude_7290_firmwarechengming_3911precision_3240_compactprecision_7750_firmwarealienware_m18_firmwarevostro_3480_firmwarelatitude_5285_2-in-1_firmwareinspiron_5490_aiochengming_3991_firmwarevostro_7590_firmwareprecision_5680xps_15_7590_firmwareembedded_box_pc_5000_firmwareinspiron_14_5418xps_13_9380_firmwareg15_5520latitude_7490precision_3650_tower_firmwarelatitude_5288optiplex_7060_firmwareprecision_3240_compact_firmwareoptiplex_7470_all-in-one_firmwarevostro_3510precision_3630_tower_firmwarexps_13_9310_2-in-1inspiron_3581optiplex_5250precision_7920_tower_firmwareinspiron_5400_firmwarevostro_5591_firmwarelatitude_5424_ruggedlatitude_5488_firmwareCPG BIOScpg_bios
CWE ID-CWE-367
Time-of-check Time-of-use (TOCTOU) Race Condition
CVE-2024-39425
Matching Score-4
Assigner-Adobe Systems Incorporated
ShareView Details
Matching Score-4
Assigner-Adobe Systems Incorporated
CVSS Score-7||HIGH
EPSS-0.04% / 9.50%
||
7 Day CHG~0.00%
Published-14 Aug, 2024 | 15:07
Updated-15 Aug, 2024 | 17:17
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Security vulnerability in AdobeARMHelper

Acrobat Reader versions 20.005.30636, 24.002.20965, 24.002.20964, 24.001.30123 and earlier are affected by a Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability that could lead to privilege escalation. Exploitation of this issue require local low-privilege access to the affected system and attack complexity is high.

Action-Not Available
Vendor-Apple Inc.Microsoft CorporationAdobe Inc.
Product-acrobat_dcacrobat_readeracrobatacrobat_reader_dcwindowsmacosAcrobat Readeracrobat_dcacrobat_readeracrobat_reader_dcacrobat
CWE ID-CWE-367
Time-of-check Time-of-use (TOCTOU) Race Condition
CVE-2024-38418
Matching Score-4
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-4
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.01% / 1.75%
||
7 Day CHG~0.00%
Published-03 Feb, 2025 | 16:51
Updated-05 Feb, 2025 | 13:57
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Time-of-check Time-of-use (TOCTOU) Race Condition in Camera Linux

Memory corruption while parsing the memory map info in IOCTL calls.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-fastconnect_7800_firmwareqca6426sdm429wqca6696sd865_5gcsrb31024qcs610sa8155p_firmwareqam8295p_firmwaresd865_5g_firmwarec-v2x_9150_firmwaresa8195p_firmwaresa8145p_firmwareqcn9074_firmwarewcn3620_firmwarevideo_collaboration_vc1_platform_firmwarewcn3680bwcd9380_firmwaresnapdragon_auto_4g_modemqca6574au_firmwareqsm8250_firmwareqca6391_firmwaresa8195psnapdragon_auto_4g_modem_firmwarewcn3950_firmwareqca6391wcn3660bsdm429w_firmwarec-v2x_9150wcn3980wcn3950video_collaboration_vc3_platform_firmwaresnapdragon_w5\+_gen_1_wearablesw5100sxr2230pwcd9370sa8540p_firmwaresnapdragon_x55_5g_modem-rfsw5100p_firmwaresa8295p_firmwaresnapdragon_865\+_5g_mobilesa8150p_firmwaresxr2230p_firmwaresnapdragon_429_mobile_firmwarewsa8835sa9000psxr2130csrb31024_firmwareqsm8250qca6426_firmwareqcn9074fastconnect_7800sa6155p_firmwarewcd9341_firmwaresnapdragon_8_gen_1_mobileqca6564au_firmwaresnapdragon_870_5g_mobilesnapdragon_865_5g_mobile_firmwareqam8295psnapdragon_xr2_5g_firmwarewcd9341wcn3988snapdragon_x55_5g_modem-rf_firmwaresnapdragon_865_5g_mobileqca6574ausa8150psa6150p_firmwarefastconnect_6900snapdragon_xr2_5gwcn3988_firmwaresw5100_firmwaresxr2250pfastconnect_6800snapdragon_429_mobileqcs410_firmwaresa8530p_firmwareqca6696_firmwaresnapdragon_8_gen_1_mobile_firmwarewsa8810_firmwarewcd9385_firmwaresa6150pwcn3680b_firmwarewsa8810wsa8832sa8295psa6145p_firmwareqcs610_firmwaresa6145psnapdragon_870_5g_mobile_firmwarewsa8815snapdragon_w5\+_gen_1_wearable_firmwareqcs410sdx55sdx55_firmwaresa6155psnapdragon_865\+_5g_mobile_firmwarewcd9380video_collaboration_vc3_platformwsa8830qca6436_firmwarewsa8815_firmwaresa8155pwsa8832_firmwaresa8145psw5100psa8530pwsa8830_firmwarewcn3620wcn3980_firmwareqca6564ausxr2130_firmwarevideo_collaboration_vc1_platformqca6436fastconnect_6900_firmwaresa8540pqca6595au_firmwaresa9000p_firmwarefastconnect_6800_firmwarewcd9385qca6595auwcn3660b_firmwarewsa8835_firmwaresxr2250p_firmwarewcd9370_firmwareSnapdragon
CWE ID-CWE-367
Time-of-check Time-of-use (TOCTOU) Race Condition
CVE-2024-38406
Matching Score-4
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-4
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.02% / 3.29%
||
7 Day CHG~0.00%
Published-04 Nov, 2024 | 10:04
Updated-16 Nov, 2024 | 04:55
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Time-of-check Time-of-use (TOCTOU) Race Condition in Camera

Memory corruption while handling IOCTL calls in JPEG Encoder driver.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-wsa8830wcd9380_firmwaresnapdragon_8c_compute_platform_\(sc8180x-ad\)_\"poipu_lite\"sdm429wsnapdragon_8cx_gen_2_5g_compute_platform_\(sc8180xp-aa\,_ab\)_firmwaresnapdragon_8cx_compute_platform_\(sc8180x-aa\,_ab\)snapdragon_7c_gen_2_compute_platform_\(sc7180-ad\)_\"rennell_pro\"_firmwarefastconnect_6800snapdragon_8cx_compute_platform_\(sc8180xp-ac\,_af\)_\"poipu_pro\"wsa8840wsa8835sdm429w_firmwaresnapdragon_7c\+_gen_3_computesc8180x\+sdx55wcd9380qca6420_firmwarefastconnect_6700video_collaboration_vc3_platformwcd9370snapdragon_8c_compute_platform_\(sc8180xp-ad\)_\"poipu_lite\"qcm5430_firmwarevideo_collaboration_vc3_platform_firmwaresnapdragon_8cx_gen_2_5g_compute_platform_\(sc8180x-ac\,_af\)_\"poipu_pro\"_firmwareqca6430_firmwaresnapdragon_8cx_compute_platform_\(sc8180x-aa\,_ab\)_firmwarewcd9385_firmwarewsa8845snapdragon_8cx_gen_3_compute_platform_\(sc8280xp-ab\,_bb\)fastconnect_6200wcd9340_firmwarewcn3660bwsa8815wsa8845_firmwaresnapdragon_8cx_gen_2_5g_compute_platform_\(sc8180x-ac\,_af\)_\"poipu_pro\"wcn3660b_firmwaresnapdragon_429_mobile_platform_firmwaresc8380xpfastconnect_6200_firmwarewsa8845h_firmwarewcd9375_firmwareqca6391qca6420snapdragon_429_mobile_platformfastconnect_7800snapdragon_7c_compute_platform_firmwareaqt1000_firmwareqcs6490qcm6490_firmwarewsa8840_firmwaresnapdragon_8cx_gen_2_5g_compute_platform_\(sc8180xp-aa\,_ab\)fastconnect_6900fastconnect_6900_firmwaresc8380xp_firmwaresnapdragon_8cx_compute_platform_\(sc8180xp-ac\,_af\)_\"poipu_pro\"_firmwareqca6430sm6250wcd9340fastconnect_6700_firmwarewsa8810_firmwarewcd9341_firmwarefastconnect_7800_firmwarewsa8810wsa8845hqcm5430qcs5430wcd9385wcd9341snapdragon_8c_compute_platform_\(sc8180x-ad\)_\"poipu_lite\"_firmwaresnapdragon_7c_gen_2_compute_platform_\(sc7180-ad\)_\"rennell_pro\"qcs6490_firmwareqcs5430_firmwareqca6391_firmwarewcd9375wcd9370_firmwareaqt1000snapdragon_8c_compute_platform_\(sc8180xp-ad\)_\"poipu_lite\"_firmwaresm6250_firmwaresc8180x\+sdx55_firmwarewsa8830_firmwarewcn3620_firmwaresnapdragon_7c\+_gen_3_compute_firmwarewsa8815_firmwareqcm6490wsa8835_firmwarewcn3620snapdragon_8cx_gen_3_compute_platform_\(sc8280xp-ab\,_bb\)_firmwarefastconnect_6800_firmwaresnapdragon_7c_compute_platformSnapdragonaqt1000_firmwarewcd9380_firmwareqcm6490_firmwarewsa8840_firmwarefastconnect_6900_firmwaresc8380xp_firmwaresdm429w_firmwarefastconnect_6700_firmwarewsa8810_firmwarewcd9341_firmwarefastconnect_7800_firmwareqca6420_firmwareqcm5430_firmwareqca6430_firmwareqcs6490_firmwareqcs5430_firmwarequalcomm_video_collaboration_vc3_platform_firmwareqca6391_firmwarewcd9385_firmwarewcd9370_firmwarewcd9340_firmwaresm6250_firmwarewsa8830_firmwarewsa8845_firmwarewcn3620_firmwarewsa8815_firmwarewcn3660b_firmwarewsa8835_firmwaresnapdragon_429_mobile_platform_firmwarefastconnect_6200_firmwarewcd9375_firmwarewsa8845h_firmwarefastconnect_6800_firmware
CWE ID-CWE-367
Time-of-check Time-of-use (TOCTOU) Race Condition
CVE-2024-38407
Matching Score-4
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-4
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.02% / 3.29%
||
7 Day CHG~0.00%
Published-04 Nov, 2024 | 10:04
Updated-16 Nov, 2024 | 04:55
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Time-of-check Time-of-use (TOCTOU) Race Condition in Camera

Memory corruption while processing input parameters for any IOCTL call in the JPEG Encoder driver.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-wsa8830wcd9380_firmwaresnapdragon_8c_compute_platform_\(sc8180x-ad\)_\"poipu_lite\"sdm429wsnapdragon_8cx_compute_platform_\(sc8180x-aa\,_ab\)snapdragon_8cx_gen_2_5g_compute_platform_\(sc8180xp-aa\,_ab\)_firmwaresnapdragon_7c_gen_2_compute_platform_\(sc7180-ad\)_\"rennell_pro\"_firmwarefastconnect_6800snapdragon_8cx_compute_platform_\(sc8180xp-ac\,_af\)_\"poipu_pro\"wsa8840wsa8835sdm429w_firmwaresnapdragon_7c\+_gen_3_computesc8180x\+sdx55wcd9380qca6420_firmwarefastconnect_6700video_collaboration_vc3_platformwcd9370snapdragon_8c_compute_platform_\(sc8180xp-ad\)_\"poipu_lite\"qcm5430_firmwarevideo_collaboration_vc3_platform_firmwareqca6430_firmwaresnapdragon_8cx_gen_2_5g_compute_platform_\(sc8180x-ac\,_af\)_\"poipu_pro\"_firmwaresnapdragon_8cx_compute_platform_\(sc8180x-aa\,_ab\)_firmwarewcd9385_firmwarewsa8845snapdragon_8cx_gen_3_compute_platform_\(sc8280xp-ab\,_bb\)fastconnect_6200wcd9340_firmwarewcn3660bwsa8815wsa8845_firmwaresnapdragon_8cx_gen_2_5g_compute_platform_\(sc8180x-ac\,_af\)_\"poipu_pro\"wcn3660b_firmwaresnapdragon_429_mobile_platform_firmwaresc8380xpfastconnect_6200_firmwarewcd9375_firmwarewsa8845h_firmwareqca6391snapdragon_429_mobile_platformqca6420fastconnect_7800aqt1000_firmwaresnapdragon_7c_compute_platform_firmwareqcs6490qcm6490_firmwarewsa8840_firmwaresnapdragon_8cx_gen_2_5g_compute_platform_\(sc8180xp-aa\,_ab\)fastconnect_6900fastconnect_6900_firmwaresc8380xp_firmwaresnapdragon_8cx_compute_platform_\(sc8180xp-ac\,_af\)_\"poipu_pro\"_firmwareqca6430sm6250fastconnect_6700_firmwarewcd9340wsa8810_firmwarewcd9341_firmwarefastconnect_7800_firmwarewsa8810wsa8845hqcm5430qcs5430wcd9385wcd9341snapdragon_8c_compute_platform_\(sc8180x-ad\)_\"poipu_lite\"_firmwaresnapdragon_7c_gen_2_compute_platform_\(sc7180-ad\)_\"rennell_pro\"qcs6490_firmwareqcs5430_firmwareqca6391_firmwarewcd9375snapdragon_8c_compute_platform_\(sc8180xp-ad\)_\"poipu_lite\"_firmwareaqt1000wcd9370_firmwaresc8180x\+sdx55_firmwaresm6250_firmwarewsa8830_firmwarewcn3620_firmwaresnapdragon_7c\+_gen_3_compute_firmwareqcm6490wsa8815_firmwarewsa8835_firmwarewcn3620snapdragon_8cx_gen_3_compute_platform_\(sc8280xp-ab\,_bb\)_firmwarefastconnect_6800_firmwaresnapdragon_7c_compute_platformSnapdragonaqt1000_firmwarewcd9380_firmwareqcm6490_firmwarewsa8840_firmwarefastconnect_6900_firmwaresc8380xp_firmwaresdm429w_firmwarefastconnect_6700_firmwarewsa8810_firmwarewcd9341_firmwarefastconnect_7800_firmwareqca6420_firmwareqcm5430_firmwareqca6430_firmwareqcs6490_firmwareqcs5430_firmwarequalcomm_video_collaboration_vc3_platform_firmwareqca6391_firmwarewcd9385_firmwarewcd9370_firmwarewcd9340_firmwaresm6250_firmwarewsa8830_firmwarewsa8845_firmwarewcn3620_firmwarewsa8815_firmwarewcn3660b_firmwarewsa8835_firmwaresnapdragon_429_mobile_platform_firmwarefastconnect_6200_firmwarewcd9375_firmwarewsa8845h_firmwarefastconnect_6800_firmware
CWE ID-CWE-367
Time-of-check Time-of-use (TOCTOU) Race Condition
CVE-2024-36304
Matching Score-4
Assigner-Trend Micro, Inc.
ShareView Details
Matching Score-4
Assigner-Trend Micro, Inc.
CVSS Score-7.8||HIGH
EPSS-0.04% / 11.08%
||
7 Day CHG~0.00%
Published-10 Jun, 2024 | 21:21
Updated-16 Jun, 2025 | 20:39
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A Time-of-Check Time-Of-Use vulnerability in the Trend Micro Apex One and Apex One as a Service agent could allow a local attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.

Action-Not Available
Vendor-Trend Micro Incorporated
Product-apex_oneTrend Micro Apex OneTrend Micro Apex One as a Service
CWE ID-CWE-367
Time-of-check Time-of-use (TOCTOU) Race Condition
CVE-2024-35265
Matching Score-4
Assigner-Microsoft Corporation
ShareView Details
Matching Score-4
Assigner-Microsoft Corporation
CVSS Score-7||HIGH
EPSS-0.31% / 53.95%
||
7 Day CHG~0.00%
Published-11 Jun, 2024 | 17:00
Updated-16 Jul, 2025 | 00:42
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Windows Perception Service Elevation of Privilege Vulnerability

Windows Perception Service Elevation of Privilege Vulnerability

Action-Not Available
Vendor-Microsoft Corporation
Product-windows_10_21h2windows_10_1809windows_11_21h2windows_10_22h2windows_11_22h2windows_server_2019windows_11_23h2Windows 11 version 21H2Windows 11 Version 23H2Windows 11 version 22H3Windows Server 2019 (Server Core installation)Windows Server 2019Windows 11 version 22H2Windows 10 Version 22H2Windows 10 Version 21H2Windows 10 Version 1809
CWE ID-CWE-367
Time-of-check Time-of-use (TOCTOU) Race Condition
CVE-2023-27470
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7||HIGH
EPSS-1.00% / 76.09%
||
7 Day CHG+0.03%
Published-11 Sep, 2023 | 00:00
Updated-26 Sep, 2024 | 15:41
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

BASupSrvcUpdater.exe in N-able Take Control Agent through 7.0.41.1141 before 7.0.43 has a TOCTOU Race Condition via a pseudo-symlink at %PROGRAMDATA%\GetSupportService_N-Central\PushUpdates, leading to arbitrary file deletion.

Action-Not Available
Vendor-n-ablen/an-ableMicrosoft Corporation
Product-windowstake_controln/atake_control
CWE ID-CWE-367
Time-of-check Time-of-use (TOCTOU) Race Condition
  • Previous
  • 1
  • 2
  • 3
  • 4
  • Next
Details not found