CVE-2023-39246

HIGH Year: 2023
CVSS v3 Score
7.3
High
Weakness Type
CWE-61
View all →

Vulnerability Description

Dell Encryption, Dell Endpoint Security Suite Enterprise, and Dell Security Management Server version prior to 11.8.1 contain an Insecure Operation on Windows Junction Vulnerability during installation. A local malicious user could potentially exploit this vulnerability to create an arbitrary folder inside a restricted directory, leading to Privilege Escalation

Related Vulnerabilities

CVE-2023-41969

HIGH
CVSS:7.3(High)

An arbitrary file deletion in ZSATrayManager where it protects the temporary encrypted ZApp issue reporting file from the unprivileged end user access and modification. Fixed version: Win ZApp 4.3.0 a...

CWE-612023

CVE-2020-15075

HIGH
CVSS:7.1(High)

OpenVPN Connect installer for macOS version 3.2.6 and older may corrupt system critical files it should not have access via symlinks in /tmp.

CWE-612020

CVE-2021-1612

HIGH
CVSS:7.1(High)

A vulnerability in the Cisco IOS XE SD-WAN Software CLI could allow an authenticated, local attacker to overwrite arbitrary files on the local system. This vulnerability is due to improper access cont...

CWE-612021

CVE-2021-32518

HIGH
CVSS:7.5(High)

A vulnerability in share_link in QSAN Storage Manager allows remote attackers to create a symbolic link then access arbitrary files. The referred vulnerability has been solved with the updated version...

CWE-612021

CVE-2024-1933

HIGH
CVSS:7.1(High)

Insecure UNIX Symbolic Link (Symlink) Following in TeamViewer Remote Client prior Version 15.52 for macOS allows an attacker with unprivileged access, to potentially elevate privileges or conduct a de...

CWE-612024

CVE-2017-14798

HIGH
CVSS:7.0(High)

A race condition in the postgresql init script could be used by attackers able to access the postgresql account to escalate their privileges to root.

CWE-612017