CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2019-3744

Dell/Alienware Digital Delivery versions prior to 4.0.41 contain a privilege escalation vulnerability. A local non-privileged malicious user could exploit a Universal Windows Platform application by manipulating the install software package feature with a race condition and a path traversal exploit in order to run a malicious executable with elevated privileges.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.0

EPSS Ranking 10.7%

CVSS Severity

CVSS v3 Score 7.8

CVSS v2 Score 7.2

References

https://www.dell.com/support/article/SLN318085
https://www.dell.com/support/article/SLN318085

Products affected by CVE-2019-3744

Dell » Digital Delivery » Version: 3.5.1

cpe:2.3:a:dell:digital_delivery:3.5.1
Dell » Digital Delivery » Version: 3.5.2

cpe:2.3:a:dell:digital_delivery:3.5.2
Dell » Digital Delivery » Version: 3.5.2006

cpe:2.3:a:dell:digital_delivery:3.5.2006
Dell » Digital Delivery » Version: 4.0.15.0

cpe:2.3:a:dell:digital_delivery:4.0.15.0

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2019-3744

Products

Pricing

Contact Us