Headline
CVE-2023-28072: DSA-2023-158: Security Update for a Dell Alienware Command Center Vulnerability
Dell Alienware Command Center, versions prior to 5.5.51.0, contain a deserialization of untrusted data vulnerability. A local malicious user could potentially send specially crafted requests to the .NET Remoting server to run arbitrary code on the system.
Impact
High
Details
Dell Technologies recommends all customers consider both the CVSS base score and any relevant temporal and environmental scores that may impact the potential severity associated with a particular security vulnerability.
Affected Products and Remediation
Product
Software/Firmware
Affected Versions
Remediated Versions
Link
Alienware Command Center (AWCC)
Software
Versions prior to 5.5.51.0
Version 5.5.51.0 or later
Alienware Command Center for Windows 11 and Windows 10 64-bit
Alienware Command Center Application
Product
Software/Firmware
Affected Versions
Remediated Versions
Link
Alienware Command Center (AWCC)
Software
Versions prior to 5.5.51.0
Version 5.5.51.0 or later
Alienware Command Center for Windows 11 and Windows 10 64-bit
Alienware Command Center Application
Acknowledgements
Dell Technologies would like to thank Matt Hand for reporting this issue.
Revision History
Revision
Date
Description
1.0
2023-08-30
Initial Release
2.0
2023-08-30
Corrected CVSS score link
3.0
2023-09-01
Corrected Acknowledgements section
Related Information
Dell Security Advisories and Notices
Dell Vulnerability Response Policy
CVSS Scoring Guide