CVE-2020-5385

Dell Encryption versions prior to 10.8 and Dell Endpoint Security Suite versions prior to 2.8 contain a privilege escalation vulnerability because of an incomplete fix for CVE-2020-5358. A local malicious user with low privileges could potentially exploit this vulnerability to gain elevated privilege on the affected system with the help of a symbolic link.
References
Link Resource
https://www.dell.com/support/article/SLN322456 Vendor Advisory
Configurations

Configuration 1

cpe:2.3:a:dell:endpoint_security_suite_enterprise:*:*:*:*:*:*:*:*
cpe:2.3:a:dell:encryption:*:*:*:*:enterprise:*:*:*

Information

Published : 2020-08-18 09:15

Updated : 2020-08-26 05:16


NVD link : CVE-2020-5385

Mitre link : CVE-2020-5385

Products Affected
No products.
CWE