Friday, January 31, 2025
Follow us On Linkedin
HomeCVE/vulnerabilityMultiple Vulnerabilities with Pre-installed Packages open Dell systems to Hack

Multiple Vulnerabilities with Pre-installed Packages open Dell systems to Hack

CVE/vulnerability

Published on

By Gurubaran
Multiple Vulnerabilities with Pre-installed Packages open Dell systems to Hack

Free Webinar DevSecOps Hacks

SIEM as a Service

Follow Us on Google News

Security experts from Talos discovered a couple of vulnerabilities in Dell Precision software which allow attackers to disable security mechanisms, escalate privileges and execute arbitrary code within the context of the application user.

CVE-2016-9038

This vulnerability exists with Invincea-X, Dell Protected Workspace 6.1.3-24058 and attacker can trigger this vulnerability by sending crafted data to the \Device\SandboxDriverApi device driver which is read/write Open to everyone.

A Successful exploitation ends in an arbitrary value written to kernel memory space, that can lead to local privilege escalation.

For More details on Vulnerability Report TALOS-2016-0256.

Also Read Vault 7 Leaks: CIA Malware “OutlawCountry” Controls Linux Machine

CVE-2016-8732

Due to inadequate restrictions on the driver communications channel, as well as inadequate validation, an attacker controlled application that is executed on an affected system could leverage this driver to effectively disable some of the protection mechanisms provided by the software.

This security vulnerability found in one of the driver components, ‘InvProtectDrv.sys’ with version 5.1.1-22303 and the vulnerability is fixed with version 6.3.0.

For More details on Vulnerability Report TALOS-2016-0246.

Also Read WordPress Visitor Statistics Plugin found Vulnerable to SQL Injection

CVE-2017-2802

This vulnerability exists with Dell Ppo Service, upon execution the program will load atiadlxx.dll which is not present in application default directory. Application searches for an appropriately named DLL in the directories defined by the PATH environment variable.

If it finds a DLL with the same name, it will load the DLL into poaService.exe without verifying the signature of the DLL. This can lead to the execution of arbitrary code if an attacker supplies a malicious DLL of the correct name.

Vulnerability exists with PPR Monitoring Plugin 3.5.5.0 and versions from v4.0 onwards are not vulnerable

For More details on Vulnerability Report TALOS-2016-2047.

Talos recommend's that organizations using affected versions of this solution
update to the latest version as quickly as possible to ensure that the protections
provided by this software cannot be bypassed by an attacker. Organizations need
to carefully consider the risks and benefits of software bundled with devices.

Also Read Lenovo VIBE Mobile Phones Vulnerable to Local Root Privilege Escalation

Gurubaran
Gurubaran
Gurubaran is a co-founder of Cyber Security News and GBHackers On Security. He has 10+ years of experience as a Security Consultant, Editor, and Analyst in cybersecurity, technology, and communications.

Latest articles

cyber security

Hackers Exploiting DNS Poisoning to Compromise Active Directory Environments

A groundbreaking technique for Kerberos relaying over HTTP, leveraging multicast poisoning, has been recently...
Android

New Android Malware Exploiting Wedding Invitations to Steal Victims WhatsApp Messages

Since mid-2024, cybersecurity researchers have been monitoring a sophisticated Android malware campaign dubbed "Tria...
cyber security

500 Million Proton VPN & Pass Users at Risk Due to Memory Protection Vulnerability

Proton, the globally recognized provider of privacy-focused services such as Proton VPN and Proton...
cyber security

Arcus Media Ransomware Strikes: Files Locked, Backups Erased, and Remote Access Disabled

The cybersecurity landscape faces increasing challenges as Arcus Media ransomware emerges as a highly...

API Security Webinar

Free Webinar - DevSecOps Hacks

By embedding security into your CI/CD workflows, you can shift left, streamline your DevSecOps processes, and release secure applications faster—all while saving time and resources.

In this webinar, join Phani Deepak Akella ( VP of Marketing ) and Karthik Krishnamoorthy (CTO), Indusface as they explores best practices for integrating application security into your CI/CD workflows using tools like Jenkins and Jira.

Discussion points

Automate security scans as part of the CI/CD pipeline.
Get real-time, actionable insights into vulnerabilities.
Prioritize and track fixes directly in Jira, enhancing collaboration.
Reduce risks and costs by addressing vulnerabilities pre-production.

Register Now

More like this

CVE/vulnerability

CISA Releases Seven ICS Advisories to Strengthen Cybersecurity Posture

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has issued seven Industrial Control Systems...
CVE/vulnerability

TeamViewer Clients Vulnerability Leads to Privilege Escalation

TeamViewer, a widely used remote access software, has announced a critical vulnerability in its...
CVE/vulnerability

Windows CLFS Buffer Overflow Vulnerability CVE-2024-49138 – PoC Released

 A recently disclosed Windows kernel-level vulnerability, identified as CVE-2024-49138, has raised significant security concerns in...

GBHackers on Security is a top cybersecurity news platform, delivering up-to-date coverage on breaches, emerging threats, malware, vulnerabilities, and global cyber incidents.

Company

Trending

Categories

Copyright @ 2016 - 2024 GBHackers On Security - All Rights Reserved