CVE-2022-34429 MEDIUM

CVE-2022-34429

Vendor Dell
Product Dell Hybrid Client (DHC)
Weakness CWE-22 · Path traversal
Published September 30, 2022
Last update September 17, 2024

CVSS base score

6.5/10
Attack vector Local
Attack complexity Low
Privileges required Low
User interaction None
Confidentiality None
Integrity High

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:H/A:N

What the vulnerability does

01Description

Dell Hybrid Client below 1.8 version contains a Zip Slip Vulnerability in UI. A guest privilege attacker could potentially exploit this vulnerability, leading to system files modification.

Key dates

02Disclosure timeline

September 30, 2022 CVE published
September 17, 2024 Record updated

Related vulnerabilities

04Related CVE