CVE-2023-43086

CVSS 3.1 Score 7.8 of 10 (high)

Details

Published Nov 23, 2023
Updated: Nov 30, 2023
CWE ID 284

Summary

CVE-2023-43086 is a vulnerability affecting Dell Command | Configure versions before 4.11.0. This issue involves improper access control, enabling a local malicious user to modify files during application upgrades within the installation folder. The exploitation of this vulnerability could potentially result in privilege escalation.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share

Affected Products

  • Dell Command
  • Configure

Affected Vendors

  • Dell Technologies, Inc.