CVE-2023-28047 HIGH

CVE-2023-28047

Vendor Dell

Product Dell Display Manager

Weakness CWE-272

Published April 20, 2023

Last update February 5, 2025

View on NVD All CVEs

CVSS base score

7.3/10

Attack vector Local

Attack complexity Low

Privileges required Low

User interaction Required

Confidentiality High

Integrity High

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H

What the vulnerability does

01Description

Dell Display Manager, versions 2.1.0 and prior, contains an arbitrary file or folder creation vulnerability during installation. A local low privilege attacker could potentially exploit this vulnerability, leading to the execution of arbitrary code on the operating system with high privileges.

Key dates

02Disclosure timeline

April 20, 2023 CVE published

February 5, 2025 Record updated

External resources

03References

NVD — National Vulnerability Database https://nvd.nist.gov/vuln/detail/CVE-2023-28047 CWE — Common Weakness Enumeration https://cwe.mitre.org/data/definitions/272.html

Related vulnerabilities

04Related CVE

CVE-2024-0638 Privilege escalation in mk_oracle plugins CVE-2026-11494 TOTOLINK AC1200 T8 vsftpd vsftpd.conf least privilege violation CVE-2026-11555 D-Link DGS-1100-08PD Web boa.conf least privilege violation CVE-2025-1384 Least Privilege Violation Vulnerability in the communications functions of NJ/NX-series Machine Automation Controllers CVE-2026-11497 D-Link DCS-5615 Boa Webserver boa.conf least privilege violation