An installation flaw in the Portrait Dell Color Management application allows a local low‑privileged user to create or overwrite files with elevated (Administrator) rights. During setup the installer writes a data file to a privileged location while running as SYSTEM. Because the installer does not validate symbolic links or reparse points, a malicious link can redirect that write operation to an arbitrary system path, giving the user the ability to create or overwrite files that normally require administrative credentials. This flaw permits a local privilege escalation with potentially full control over the affected Windows machine.

The vulnerability exists in Portrait Dell Color Management versions prior to 3.7.0 on Windows systems that support Dell displays. During installation the path "C:\\ProgramData\\Portrait Displays\\CW\\data\\i1D3\\" is written with elevated privileges. Systems running the affected software and using Dell monitors are therefore at risk.

The issue is local; an attacker needs only a low‑privileged user account to deploy a malicious symbolic link during installation. The CVSS score of 5.3 indicates a medium severity for this privilege escalation, but the ability to overwrite critical files is still serious. While the EPSS score is not available, the flaw is not listed in the CISA KEV catalog. Without remediation an attacker could write or replace system files, potentially installing malware, modifying security settings, or further elevating their access to full administrative control.