Description
Dell Client Consumer and Commercial Platforms contain an Arbitrary File Overwrite Vulnerability. The vulnerability is limited to the Dell Firmware Update Utility during the time window while being executed by an administrator. During this time window, a locally authenticated low-privileged malicious user could exploit this vulnerability by tricking an administrator into overwriting arbitrary files via a symlink attack. The vulnerability does not affect the actual binary payload that the update utility delivers.
Published: 2020-02-21
Score: 7.1 High
EPSS: < 1% Very Low
KEV: No
Impact: n/a
Action: n/a
AI Analysis

No analysis available yet.

Remediation

No remediation available yet.

Tracking

Sign in to view the affected projects.

Advisories
Source ID Title
EUVD EUVD EUVD-2020-26506 Dell Client Consumer and Commercial Platforms contain an Arbitrary File Overwrite Vulnerability. The vulnerability is limited to the Dell Firmware Update Utility during the time window while being executed by an administrator. During this time window, a locally authenticated low-privileged malicious user could exploit this vulnerability by tricking an administrator into overwriting arbitrary files via a symlink attack. The vulnerability does not affect the actual binary payload that the update utility delivers.
History

No history.

Subscriptions

Dell G3 15 3590 G3 15 3590 Firmware G3 3579 G3 3579 Firmware G3 3779 G3 3779 Firmware G5 15 5590 G5 15 5590 Firmware G5 5090 G5 5090 Firmware G5 5587 G5 5587 Firmware G7 15 7590 G7 15 7590 Firmware G7 17 7790 G7 17 7790 Firmware G7 7588 G7 7588 Firmware Inspiron 14 5490 Inspiron 14 5490 Firmware Inspiron 3480 Inspiron 3480 Firmware Inspiron 3481 Inspiron 3481 Firmware Inspiron 3490 Inspiron 3490 Firmware Inspiron 3493 Inspiron 3493 Firmware Inspiron 3580 Inspiron 3580 Firmware Inspiron 3581 Inspiron 3581 Firmware Inspiron 3583 Inspiron 3583 Firmware Inspiron 3584 Inspiron 3584 Firmware Inspiron 3590 Inspiron 3590 Firmware Inspiron 3593 Inspiron 3593 Firmware Inspiron 3780 Inspiron 3780 Firmware Inspiron 3781 Inspiron 3781 Firmware Inspiron 3790 Inspiron 3790 Firmware Inspiron 3793 Inspiron 3793 Firmware Inspiron 5390 Inspiron 5390 Firmware Inspiron 5391 Inspiron 5391 Firmware Inspiron 5480 Inspiron 5480 Firmware Inspiron 5481 Inspiron 5481 Firmware Inspiron 5482 Inspiron 5482 Firmware Inspiron 5491 Inspiron 5491 Firmware Inspiron 5493 Inspiron 5493 Firmware Inspiron 5494 Inspiron 5494 Firmware Inspiron 5498 Inspiron 5498 Firmware Inspiron 5580 Inspiron 5580 Firmware Inspiron 5582 Inspiron 5582 Firmware Inspiron 5583 Inspiron 5583 Firmware Inspiron 5584 Inspiron 5584 Firmware Inspiron 5590 Inspiron 5590 Firmware Inspiron 5591 Inspiron 5591 Firmware Inspiron 5593 Inspiron 5593 Firmware Inspiron 5594 Inspiron 5594 Firmware Inspiron 5598 Inspiron 5598 Firmware Inspiron 7380 Inspiron 7380 Firmware Inspiron 7386 Inspiron 7386 Firmware Inspiron 7390 Inspiron 7390 Firmware Inspiron 7391 Inspiron 7391 Firmware Inspiron 7490 Inspiron 7490 Firmware Inspiron 7580 Inspiron 7580 Firmware Inspiron 7586 Inspiron 7586 Firmware Inspiron 7590 Inspiron 7590 Firmware Inspiron 7591 Inspiron 7591 Firmware Inspiron 7786 Inspiron 7786 Firmware Inspiron 7791 Inspiron 7791 Firmware Latitude 3300 Latitude 3300 Firmware Latitude 3301 Latitude 3301 Firmware Latitude 3311 Latitude 3311 Firmware Latitude 3390 Latitude 3390 Firmware Latitude 3400 Latitude 3400 Firmware Latitude 3490 Latitude 3490 Firmware Latitude 3500 Latitude 3500 Firmware Latitude 3590 Latitude 3590 Firmware Latitude 5290 Latitude 5290 Firmware Latitude 5300 Latitude 5300 Firmware Latitude 5400 Latitude 5400 Firmware Latitude 5401 Latitude 5401 Firmware Latitude 5420 Rugged Latitude 5420 Rugged Firmware Latitude 5424 Rugged Latitude 5424 Rugged Firmware Latitude 5490 Latitude 5490 Firmware Latitude 5491 Latitude 5491 Firmware Latitude 5500 Latitude 5500 Firmware Latitude 5501 Latitude 5501 Firmware Latitude 5590 Latitude 5590 Firmware Latitude 5591 Latitude 5591 Firmware Latitude 7200 Latitude 7200 Firmware Latitude 7220 Rugged Extreme Tablet Latitude 7220 Rugged Extreme Tablet Firmware Latitude 7220ex Rugged Extreme Tablet Latitude 7220ex Rugged Extreme Tablet Firmware Latitude 7290 Latitude 7290 Firmware Latitude 7300 Latitude 7300 Firmware Latitude 7390 Latitude 7390 Firmware Latitude 7400 Latitude 7400 Firmware Latitude 7424 Rugged Extreme Latitude 7424 Rugged Extreme Firmware Latitude 7490 Latitude 7490 Firmware Precision 3530 Precision 3530 Firmware Precision 3540 Precision 3540 Firmware Precision 3541 Precision 3541 Firmware Precision 5530 Precision 5530 Firmware Precision 5540 Precision 5540 Firmware Precision 7530 Precision 7530 Firmware Precision 7540 Precision 7540 Firmware Precision 7730 Precision 7730 Firmware Precision 7740 Precision 7740 Firmware Vostro 15 7580 Vostro 15 7580 Firmware Vostro 3480 Vostro 3480 Firmware Vostro 3481 Vostro 3481 Firmware Vostro 3490 Vostro 3490 Firmware Vostro 3580 Vostro 3580 Firmware Vostro 3581 Vostro 3581 Firmware Vostro 3583 Vostro 3583 Firmware Vostro 3584 Vostro 3584 Firmware Vostro 3590 Vostro 3590 Firmware Vostro 5390 Vostro 5390 Firmware Vostro 5391 Vostro 5391 Firmware Vostro 5481 Vostro 5481 Firmware Vostro 5490 Vostro 5490 Firmware Vostro 5581 Vostro 5581 Firmware Vostro 5590 Vostro 5590 Firmware Vostro 7590 Vostro 7590 Firmware Wyse 5070 Thin Client Wyse 5070 Thin Client Firmware Wyse 5470 Wyse 5470 Firmware Xps 13 9380 Xps 13 9380 Firmware Xps 15 7590 Xps 15 7590 Firmware Xps 15 9570 Xps 15 9570 Firmware Xps 15 9575 Xps 15 9575 Firmware
cve-icon MITRE

Status: PUBLISHED

Assigner: dell

Published:

Updated: 2024-09-17T02:16:34.647Z

Reserved: 2020-01-03T00:00:00.000Z

Link: CVE-2020-5324

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2020-02-21T15:15:12.047

Modified: 2024-11-21T05:33:54.747

Link: CVE-2020-5324

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

No data.

Weaknesses