CVE-2024-32857
HIGHDell Peripheral Manager < 1.7.6 - Uncontrolled Search Path Element via DLL Preloading
Title source: llmDescription
Dell Peripheral Manager, versions prior to 1.7.6, contain an uncontrolled search path element vulnerability. An attacker could potentially exploit this vulnerability through preloading malicious DLL or symbolic link exploitation, leading to arbitrary code execution and escalation of privilege
References (1)
Core 1
Core References
Vendor Advisory vendor-advisory
https://www.dell.com/support/kbdoc/en-us/000225474/dsa-2024-242
Scores
CVSS v3
7.3
EPSS
0.0010
EPSS Percentile
27.6%
Attack Vector
LOCAL
CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H
CISA SSVC
Vulnrichment
Exploitation
none
Automatable
no
Technical Impact
total
Details
CWE
CWE-427
Status
published
Products (1)
dell/peripheral_manager
< 1.7.6
Published
Jul 31, 2024
Tracked Since
Feb 18, 2026