Headline
CVE-2023-39257: DSA-2023-340: Security Update for Dell Rugged Control Center Vulnerabilities
Dell Rugged Control Center, version prior to 4.7, contains an Improper Access Control vulnerability. A local malicious standard user could potentially exploit this vulnerability to modify the content in an unsecured folder when product installation repair is performed, leading to privilege escalation on the system.
Impact
High
Details
Dell Technologies recommends all customers consider both the CVSS base score and any relevant temporal and environmental scores that may impact the potential severity associated with a particular security vulnerability.
Affected Products and Remediation
CVE(s) Addressed
Product
Affected Version(s)
Updated Version(s)
Link to Update
CVE-2023-39256, CVE-2023-39257
Dell Rugged Control Center
Versions prior to 4.7
Version 4.7
https://www.dell.com/support/home/drivers/driversdetails?driverid=4M3T2
CVE(s) Addressed
Product
Affected Version(s)
Updated Version(s)
Link to Update
CVE-2023-39256, CVE-2023-39257
Dell Rugged Control Center
Versions prior to 4.7
Version 4.7
https://www.dell.com/support/home/drivers/driversdetails?driverid=4M3T2
Revision History
Revision
Date
Description
1.0
2023-11-30
Initial Release
Related Information
Dell Security Advisories and Notices
Dell Vulnerability Response Policy
CVSS Scoring Guide