CVE-2023-43081
MEDIUMPowerProtect Agent for File System <19.14 - Privilege Escalation
Title source: llmDescription
PowerProtect Agent for File System Version 19.14 and prior, contains an incorrect default permissions vulnerability in ddfscon component. A low Privileged local attacker could potentially exploit this vulnerability, leading to overwriting of log files.
References (1)
Core 1
Core References
Patch, Vendor Advisory vendor-advisory
https://www.dell.com/support/kbdoc/en-us/000219782/dsa-2023-427-security-update-for-dell-powerprotect-agent-for-file-system-vulnerabilities
Scores
CVSS v3
4.0
EPSS
0.0004
EPSS Percentile
10.8%
Attack Vector
LOCAL
CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
CISA SSVC
Vulnrichment
Exploitation
none
Automatable
no
Technical Impact
partial
Details
CWE
CWE-276
Status
published
Products (1)
dell/powerprotect_agent_for_file_system
< 19.14
Published
Nov 22, 2023
Tracked Since
Feb 18, 2026