CVE-2020-5342

Published: Mar 9, 2020Modified: Nov 21, 2024

7.8

Vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Exploitability: 1.8 / Impact: 5.9

Source: NVD

Description

Dell Digital Delivery versions prior to 3.5.2015 contain an incorrect default permissions vulnerability. A locally authenticated low-privileged malicious user could exploit this vulnerability to run an arbitrary executable with administrative privileges on the affected system.

Affected (1)

Products: Dell: Digital Delivery

1 product

Digital Delivery

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Dell Digital Delivery	Before 3.5.2015

Related CWEs

Incorrect Default Permissions

During installation, installed file permissions are set to allow anyone to modify those files.

References (2)

https://www.dell.com/support/article/SLN320561

Source: security_alert@emc.com

PatchVendor Advisory

https://www.dell.com/support/article/SLN320561

Source: af854a3a-2127-422b-91ae-364da2661108

PatchVendor Advisory

Timeline

No history available yet.