HIGH🇬🇧 English

CVE-2019-3742

CVSS 7.8v3.1pub. 2019-08-09upd. 2024-11-21

Dell/Alienware Digital Delivery versions prior to 3.5.2013 contain a privilege escalation vulnerability. A local non-privileged malicious user could exploit a named pipe that performs binary deserialization via a process hollowing technique to inject malicous code to run an executable with elevated privileges.

oryginał EN
CVSS Vector
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  • Dell Digital Delivery

    APP
    Dell
    < 3.5.20134.0.15.0 – 4.0.41 (bez)
🔵
ZWERYFIKUJ U PRODUCENTA
Brak jednoznacznych danych o patchu. Sprawdź referencje od producenta.
Tagi
LPEDeserialization
CWE
Referencje

Powiązane podatności

CVE-2025-38739HIGH7.2ten sam produkt

Dell Digital Delivery, versions prior to 5.6.1.0, contains an Insufficiently Protected Credentials vulnerabili...

CVE-2024-0155HIGH7.0ten sam produkt

Dell Digital Delivery, versions prior to 5.2.0.0, contain a Use After Free Vulnerability. A local low privileg...

CVE-2024-0156HIGH7.0ten sam produkt

Dell Digital Delivery, versions prior to 5.2.0.0, contain a Buffer Overflow Vulnerability. A local low privile...

CVE-2020-5342HIGH7.8ten sam produkt

Dell Digital Delivery versions prior to 3.5.2015 contain an incorrect default permissions vulnerability. A loc...

CVE-2019-3744HIGH7.8ten sam produkt

Dell/Alienware Digital Delivery versions prior to 4.0.41 contain a privilege escalation vulnerability. A local...