CVE-2023-39246

Improper Link Resolution Before File Access ('Link Following') (CWE-59)

Published: Nov 16, 2023 / Updated: 12mo ago

CVSS: 7.3 (High) | EPSS: 0.04%

Dell Encryption, Dell Endpoint Security Suite Enterprise, and Dell Security Management Server versions prior to 11.8.1 contain an Insecure Operation on Windows Junction Vulnerability during installation. A local malicious user could potentially exploit this vulnerability to create an arbitrary folder inside a restricted directory, leading to Privilege Escalation.

CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H

Timeline

First Article

Feedly found the first article mentioning CVE-2023-39246.

Nov 15, 2023 at 12:29 PM / google.com
CVE Assignment

NVD published the first details for CVE-2023-39246

Nov 16, 2023 at 9:15 AM
EPSS

EPSS Score was set to: 0.04% (Percentile: 7.3%)

Nov 17, 2023 at 4:02 PM

Affected Systems

Dell/encryption

Patches

www.dell.com

Links to Mitre Att&cks

T1547.009: Shortcut Modification

Attack Patterns

CAPEC-132: Symlink Attack

References

DSA-2023-271: Security Update for a Dell Encryption, Dell Endpoint Security Suite ...
Dell Technologies recommends all customers consider both the CVSS base score and any relevant temporal and environmental scores that may impact the potential severity associated with a particular security vulnerability. A local malicious user could potentially exploit this vulnerability to create an arbitrary folder inside a restricted directory, leading to Privilege Escalation. Base score 4.6; vector CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:C/C:N/I:L/A:L

News

Rewterz Threat Advisory – Multiple Dell Products Vulnerabilities
Dell Encryption, Endpoint Security Suite Enterprise, and Security Management Server could allow a local authenticated attacker to gain elevated privileges on the system, caused by insecure operation on a Windows junction. Dell OS Recovery Tool could allow a local authenticated attacker to gain elevated privileges on the system, caused by improper access control.
CVE-2023-39246
High Severity. Description: Dell Encryption, Dell Endpoint Security Suite Enterprise, and Dell Security Management Server version prior to 11.8.1 contain an Insecure Operation on Windows Junction Vulnerability during installation. A local malicious user could potentially exploit this vulnerability to create an arbitrary folder inside a restricted directory, leading to Privilege Escalation. Read more at https://www.tenable.com/cve/CVE-2023-39246
NA - CVE-2023-39246 - Dell Encryption, Dell Endpoint Security Suite...
Dell Encryption, Dell Endpoint Security Suite Enterprise, and Dell Security Management Server version prior to 11.8.1 contain an Insecure Operation on Windows Junction Vulnerability during...
CVE-2023-39246
Dell Encryption, Dell Endpoint Security Suite Enterprise, and Dell Security Management Server version prior to 11.8.1 contain an Insecure Operation on Windows Junction Vulnerability during installation. A local malicious user could potentially exploit this vulnerability to create an arbitrary folder inside a restricted directory, leading to Privilege Escalation (CVSS:4.6) (Last Update:2023-11-16 09:15:07)
CVE-2023-39246 | Dell Encryption up to 11.8.0 Installation symlink (dsa-2023-271)
A vulnerability classified as critical was found in Dell Encryption, Endpoint Security Suite Enterprise and Security Management Server up to 11.8.0. This vulnerability affects unknown code of the component Installation Handler. The manipulation leads to symlink following. This vulnerability was named CVE-2023-39246. The attack needs to be approached locally. There is no exploit available. It is recommended to upgrade the affected component.

CVSS V3.1

Attack Vector:Local
Attack Complexity:Low
Privileges Required:Low
User Interaction:Required
Scope:Unchanged
Confidentiality:High
Integrity:High
Availability Impact:High
