Dell Common Event Enabler, version 8.9.10.0 and prior, contain an insecure deserialization vulnerability in CAVATools. A local unauthenticated attacker could potentially exploit this vulnerability, leading to arbitrary code execution in the context of the logged in user. Exploitation of this issue requires a victim to open a malicious file.
Metrics
Affected Vendors & Products
References
History
Fri, 16 Aug 2024 17:00:00 +0000
Type | Values Removed | Values Added |
---|---|---|
First Time appeared |
Dell
Dell common Event Enabler |
|
CPEs | cpe:2.3:a:dell:common_event_enabler:*:*:*:*:*:windows:*:* | |
Vendors & Products |
Dell
Dell common Event Enabler |
MITRE
Status: PUBLISHED
Assigner: dell
Published: 2024-06-12T15:02:53.826Z
Updated: 2024-08-02T01:03:51.507Z
Reserved: 2024-03-13T15:42:12.960Z
Link: CVE-2024-28964
Vulnrichment
Updated: 2024-08-02T01:03:51.507Z
NVD
Status : Modified
Published: 2024-06-12T15:15:50.647
Modified: 2024-11-21T09:07:16.867
Link: CVE-2024-28964
Redhat
No data.