CVE-2024-32857

HIGH

Dell Peripheral Manager < 1.7.6 - Uncontrolled Search Path

Title source: rule

Description

Dell Peripheral Manager, versions prior to 1.7.6, contain an uncontrolled search path element vulnerability. An attacker could potentially exploit this vulnerability through preloading malicious DLL or symbolic link exploitation, leading to arbitrary code execution and escalation of privilege

References (1)

[Vendor Advisory] https://www.dell.com/support/kbdoc/en-us/000225474/dsa-2024-242

Scores

CVSS v3 7.3

EPSS 0.0010

EPSS Percentile 28.1%

Attack Vector LOCAL

CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H

Classification

CWE

CWE-427

Status published

Affected Products (1)

dell/peripheral_manager < 1.7.6

Timeline

Published Jul 31, 2024

Tracked Since Feb 18, 2026