CVE-2023-32454
MEDIUMDescription
DUP framework version 4.9.4.36 and prior contains insecure operation on Windows junction/Mount point vulnerability. A local malicious standard user could exploit the vulnerability to create arbitrary files, leading to denial of service
Is your site exposed to CVE-2023-32454?
Run a free security scan — no signup, results in seconds.
CVSS v3.1 Score
Weakness Type (CWE)
Affected Products
| Vendor | Product |
|---|---|
| dell | update_package_framework |
References
Frequently Asked Questions
What is CVE-2023-32454? +
How severe is CVE-2023-32454? +
What products are affected by CVE-2023-32454? +
How do I check if I'm vulnerable to CVE-2023-32454? +
Related Vulnerabilities
The vulnerability potentially allowed an attacker to misuse ESET’s file operations during the removal of a detected file on the …
A privilege escalation vulnerability exists during the installation of Norton Secure VPN via the Microsoft Store. A low-privilege user can …
A junction point vulnerability within AMD uProf can allow a local low-privileged attacker to create junction points, potentially resulting in …
Dell Display Manager application, version 2.1.1.17 and prior, contain an insecure operation on windows junction/mount point. A local malicious user …
Dell Inventory Collector Client, versions prior to 13.8.0, contain an Improper Link Resolution Before File Access ('Link Following') vulnerability. A …
Dell PowerFlex appliance versions prior to IC 46.381.00 and IC 46.376.00, Dell PowerFlex rack versions prior to RCM 3.8.1.0 (for …