Dell Product Security Update Advisory

Overview

 

Dell has released updates to fix vulnerabilities in their products. Users of affected versions are advised to update to the latest version.

 

Affected Products

 

CVE-2024-32857, CVE-2024-37127, CVE-2024-37142

  • Dell Peripheral Manager versions: ~ 1.7.6 (inclusive)

 

 

Resolved Vulnerabilities

 

Vulnerabilities that allow attackers to preload a malicious DLL or symbolic link exploit to execute arbitrary code and escalate privileges (CVE-2024-32857, CVE-2024-37127, CVE-2024-37142)

 

Vulnerability Patches

 

Vulnerability Patches have been made available in the latest updates. Please follow the instructions on the Referenced Sites to update to the latest Vulnerability Patches version.

 

CVE-2024-32857, CVE-2024-37127, CVE-2024-37142

  • Dell Peripheral Manager version: 1.7.6 or later

 

 

Referenced Sites
 

[1] DSA-2024-242: Security Update for Dell Peripheral Manager for Multiple Uncontrolled Search Path Element Vulnerabilities
https://www.dell.com/support/kbdoc/en-us/000225474/dsa-2024-242

Article Link: Dell Product Security Update Advisory – ASEC