Dell Client Platform Firmware Update Utility contains an Improper Link Resolution vulnerability. A high privileged attacker with local access could potentially exploit this vulnerability, leading to Elevation of Privileges.
References
| Link | Resource |
|---|---|
| https://www.dell.com/support/kbdoc/en-us/000227591/dsa-2024-351 | Vendor Advisory |
Configurations
Configuration 1 (hide)
| AND |
|
Configuration 2 (hide)
| AND |
|
Configuration 3 (hide)
| AND |
|
Configuration 4 (hide)
| AND |
|
Configuration 5 (hide)
| AND |
|
Configuration 6 (hide)
| AND |
|
History
04 Feb 2025, 16:13
| Type | Values Removed | Values Added |
|---|---|---|
| CVSS |
v2 : v3 : |
v2 : unknown
v3 : 6.7 |
| CPE | cpe:2.3:a:dell:dock_hd22q_firmware_update_utility:*:*:*:*:*:*:*:* cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:arm64:* cpe:2.3:a:dell:dock_wd22tb4_firmware_update_utility:*:*:*:*:*:*:*:* cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:* cpe:2.3:a:dell:dock_wd19_firmware_update_utility:*:*:*:*:*:*:*:* cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:x86:* |
|
| References | () https://www.dell.com/support/kbdoc/en-us/000227591/dsa-2024-351 - Vendor Advisory | |
| First Time |
Dell
Linux Microsoft windows Dell dock Hd22q Firmware Update Utility Linux linux Kernel Dell dock Wd19 Firmware Update Utility Microsoft Dell dock Wd22tb4 Firmware Update Utility |
|
| CWE | CWE-59 |
11 Dec 2024, 08:15
| Type | Values Removed | Values Added |
|---|---|---|
| New CVE |
Information
Published : 2024-12-11 08:15
Updated : 2025-02-04 16:13
NVD link : CVE-2024-52537
Mitre link : CVE-2024-52537
JSON object : View
Products Affected
dell
- dock_wd19_firmware_update_utility
- dock_wd22tb4_firmware_update_utility
- dock_hd22q_firmware_update_utility
linux
- linux_kernel
microsoft
- windows
CWE
CWE-59
Improper Link Resolution Before File Access ('Link Following')