Vulnerabilities > CVE-2023-28080 - Unspecified vulnerability in Dell Powerpath 7.0/7.1/7.2

CVSS 7.3 - HIGH

Attack vector

LOCAL

Attack complexity

LOW

Privileges required

LOW

Confidentiality impact

HIGH

Integrity impact

HIGH

Availability impact

HIGH

local

low complexity

dell

NVD

Published: 2023-05-30

Updated: 2024-11-21

Summary

PowerPath for Windows, versions 7.0, 7.1 & 7.2 contains DLL Hijacking Vulnerabilities. A regular user (non-admin) can exploit these issues to potentially escalate privileges and execute arbitrary code in the context of NT AUTHORITY\SYSTEM.

Vulnerable Configurations

Part	Description	Count
Application	Dell Dell Powerpath 7.0 Dell Powerpath 7.1 Dell Powerpath 7.2	3

References

https://www.dell.com/support/kbdoc/en-us/000214248/dsa-2023-154-powerpath-windows-security-update-for-security-update-for-multiple-vulnerabilities
https://www.dell.com/support/kbdoc/en-us/000214248/dsa-2023-154-powerpath-windows-security-update-for-security-update-for-multiple-vulnerabilities