CVE-2023-28065 MEDIUM

CVE-2023-28065

Vendor Dell
Product Dell Command Update (DCU)
Weakness CWE-1386
Published June 23, 2023
Last update December 4, 2024

CVSS base score

6.7/10
Attack vector Local
Attack complexity High
Privileges required Low
User interaction Required
Confidentiality High
Integrity High

CVSS vector

CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H

What the vulnerability does

01Description

Dell Command | Update, Dell Update, and Alienware Update versions 4.8.0 and prior contain an Insecure Operation on Windows Junction / Mount Point vulnerability. A local malicious user could potentially exploit this vulnerability leading to privilege escalation.

Key dates

02Disclosure timeline

June 23, 2023 CVE published
December 4, 2024 Record updated