Wednesday, March 19, 2025
Follow us On Linkedin
HomeCVE/vulnerabilityMultiple Vulnerabilities with Pre-installed Packages open Dell systems to Hack

Multiple Vulnerabilities with Pre-installed Packages open Dell systems to Hack

CVE/vulnerability

Published on

By Gurubaran
Multiple Vulnerabilities with Pre-installed Packages open Dell systems to Hack

Supply Chain Attack Prevention

SIEM as a Service

Follow Us on Google News

Security experts from Talos discovered a couple of vulnerabilities in Dell Precision software which allow attackers to disable security mechanisms, escalate privileges and execute arbitrary code within the context of the application user.

CVE-2016-9038

This vulnerability exists with Invincea-X, Dell Protected Workspace 6.1.3-24058 and attacker can trigger this vulnerability by sending crafted data to the \Device\SandboxDriverApi device driver which is read/write Open to everyone.

A Successful exploitation ends in an arbitrary value written to kernel memory space, that can lead to local privilege escalation.

For More details on Vulnerability Report TALOS-2016-0256.

Also Read Vault 7 Leaks: CIA Malware “OutlawCountry” Controls Linux Machine

CVE-2016-8732

Due to inadequate restrictions on the driver communications channel, as well as inadequate validation, an attacker controlled application that is executed on an affected system could leverage this driver to effectively disable some of the protection mechanisms provided by the software.

This security vulnerability found in one of the driver components, ‘InvProtectDrv.sys’ with version 5.1.1-22303 and the vulnerability is fixed with version 6.3.0.

For More details on Vulnerability Report TALOS-2016-0246.

Also Read WordPress Visitor Statistics Plugin found Vulnerable to SQL Injection

CVE-2017-2802

This vulnerability exists with Dell Ppo Service, upon execution the program will load atiadlxx.dll which is not present in application default directory. Application searches for an appropriately named DLL in the directories defined by the PATH environment variable.

If it finds a DLL with the same name, it will load the DLL into poaService.exe without verifying the signature of the DLL. This can lead to the execution of arbitrary code if an attacker supplies a malicious DLL of the correct name.

Vulnerability exists with PPR Monitoring Plugin 3.5.5.0 and versions from v4.0 onwards are not vulnerable

For More details on Vulnerability Report TALOS-2016-2047.

Talos recommend's that organizations using affected versions of this solution
update to the latest version as quickly as possible to ensure that the protections
provided by this software cannot be bypassed by an attacker. Organizations need
to carefully consider the risks and benefits of software bundled with devices.

Also Read Lenovo VIBE Mobile Phones Vulnerable to Local Root Privilege Escalation

Gurubaran
Gurubaran
Gurubaran is a co-founder of Cyber Security News and GBHackers On Security. He has 10+ years of experience as a Security Consultant, Editor, and Analyst in cybersecurity, technology, and communications.

Latest articles

cyber security

Hackers Exploit Cobalt Strike, SQLMap, and Other Tools to Target Web Applications

A recent cybersecurity incident has highlighted the sophisticated methods used by hackers to target...
cyber security

Severe AMI BMC Vulnerability Enables Remote Authentication Bypass by Attackers

A critical vulnerability has been discovered in AMI's MegaRAC software, which is used in...
CVE/vulnerability

CISA Warns of Supply-Chain Attack Exploiting GitHub Action Vulnerability

The Cybersecurity and Infrastructure Security Agency (CISA) has sounded the alarm over a critical...
APT

MirrorFace Hackers Modify AsyncRAT Execution for Stealthy Deployment in Windows Sandbox

In a significant development, the China-aligned advanced persistent threat (APT) group known as MirrorFace...

Supply Chain Attack Prevention

Free Webinar - Supply Chain Attack Prevention

Recent attacks like Polyfill[.]io show how compromised third-party components become backdoors for hackers. PCI DSS 4.0’s Requirement 6.4.3 mandates stricter browser script controls, while Requirement 12.8 focuses on securing third-party providers.

Join Vivekanand Gopalan (VP of Products – Indusface) and Phani Deepak Akella (VP of Marketing – Indusface) as they break down these compliance requirements and share strategies to protect your applications from supply chain attacks.

Discussion points

Meeting PCI DSS 4.0 mandates.
Blocking malicious components and unauthorized JavaScript execution.
PIdentifying attack surfaces from third-party dependencies.
Preventing man-in-the-browser attacks with proactive monitoring.

Register Now

More like this

CVE/vulnerability

CISA Warns of Supply-Chain Attack Exploiting GitHub Action Vulnerability

The Cybersecurity and Infrastructure Security Agency (CISA) has sounded the alarm over a critical...
CVE/vulnerability

Critical Synology Vulnerability Allows Remote Attackers to Execute Arbitrary Code

A critical vulnerability affecting Synology's DiskStation Manager (DSM) has been disclosed, allowing remote attackers...
CVE/vulnerability

Windows File Explorer Vulnerability Enables Network Spoofing Attacks: PoC Released

A critical vulnerability in Windows File Explorer has been discovered, allowing attackers to capture...

GBHackers on Security is a top cybersecurity news platform, delivering up-to-date coverage on breaches, emerging threats, malware, vulnerabilities, and global cyber incidents.

Company

Trending

Categories

Copyright @ 2016 - 2025 GBHackers On Security - All Rights Reserved