cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,exploited_date,poc,trended,trended_no_1,trended_no_1_date,published,trended_score
CVE-2023-32479,https://securityvulnerability.io/vulnerability/CVE-2023-32479,Privilege Escalation Vulnerability in Dell Encryption,"A privilege escalation vulnerability exists in specific versions of Dell Encryption, Dell Endpoint Security Suite Enterprise, and Dell Security Management Server. This issue arises from improper access control list (ACL) configurations within the non-default installation directory of these products. A local attacker with malicious intent could exploit this vulnerability by replacing binaries in the affected directory. Such an exploit could lead to a reverse shell on the system, allowing the attacker to gain elevated privileges and perform unauthorized actions.",Dell,"Dell Encryption,Dell Endpoint Security Suite Enterprise,Dell Security Management Server (windows)",6.7,MEDIUM,0.0004299999854993075,false,,false,false,false,,,false,false,,2024-02-06T08:09:30.931Z,0
CVE-2023-39246,https://securityvulnerability.io/vulnerability/CVE-2023-39246,Insecure Operation Vulnerability in Dell Encryption Products,"Dell Encryption and its related products, such as Dell Endpoint Security Suite Enterprise and Dell Security Management Server, are impacted by a vulnerability during the installation process. This flaw allows a local malicious user to exploit insecure operations on Windows Junctions, potentially creating arbitrary folders within restricted directories. Such an exploit could lead to privilege escalation, enabling unauthorized access and manipulation of system resources.",Dell,"Dell Encryption, Dell Endpoint Security Suite Enterprise, Dell Security Management Server (Windows)",7.3,HIGH,0.0004299999854993075,false,,false,false,false,,,false,false,,2023-11-16T09:15:00.000Z,0
CVE-2019-3745,https://securityvulnerability.io/vulnerability/CVE-2019-3745,,"The vulnerability is limited to the installers of Dell Encryption Enterprise versions prior to 10.4.0 and Dell Endpoint Security Suite Enterprise versions prior to 2.4.0. This issue is exploitable only during the installation of the product by an administrator. A local authenticated low privileged user potentially could exploit this vulnerability by staging a malicious DLL in the search path of the installer prior to its execution by a local administrator. This would cause loading of the malicious DLL, which would allow the attacker to execute arbitrary code in the context of an administrator.",Dell,"Dell Encryption Enterprise,Dell Endpoint Security Suite Enterprise",6.7,MEDIUM,0.0004199999966658652,false,,false,false,false,,,false,false,,2019-10-07T19:15:00.000Z,0