Vulnerabilities > CVE-2020-5343 - Incorrect Authorization vulnerability in Dell OS Recovery Image for Microsoft Windows 10

CVSS 7.8 - HIGH

Attack vector

LOCAL

Attack complexity

LOW

Privileges required

LOW

Confidentiality impact

HIGH

Integrity impact

HIGH

Availability impact

HIGH

local

low complexity

dell

CWE-863

NVD

Published: 2020-05-04

Updated: 2020-05-08

Summary

Dell Client platforms restored using a Dell OS recovery image downloaded before December 20, 2019, may contain an insecure inherited permissions vulnerability. A local authenticated malicious user with low privileges could exploit this vulnerability to gain unauthorized access on the root folder.

Vulnerable Configurations

Part	Description	Count
OS	Dell Dell OS Recovery Image FOR Microsoft Windows 10 -	1

Common Weakness Enumeration (CWE)

CWE-863 - Incorrect Authorization

References

https://www.dell.com/support/article/SLN321036