vulnerability
Dell Command Update: CVE-2023-28065: DSA-2023-146: Dell Command | Update, Dell Update, and Alienware Update Security Update for a Privilege Escalation Vulnerability
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 6 | (AV:L/AC:H/Au:S/C:C/I:C/A:C) | May 9, 2023 | Nov 28, 2025 | Jan 13, 2026 |
Severity
6
CVSS
(AV:L/AC:H/Au:S/C:C/I:C/A:C)
Published
May 9, 2023
Added
Nov 28, 2025
Modified
Jan 13, 2026
Description
Dell Command | Update, Dell Update, and Alienware Update versions 4.8.0 and prior contain an Insecure Operation on Windows Junction / Mount Point vulnerability. A local malicious user could potentially exploit this vulnerability leading to privilege escalation.
Solution
dell-command-update-upgrade-latest
References
- CWE-1386
- CWE-59
- CVE-2023-28065
- https://attackerkb.com/topics/CVE-2023-28065
- URL-https://www.dell.com/support/home/en-us/drivers/DriversDetails?driverId=J6PNP
- URL-https://www.dell.com/support/home/en-us/drivers/DriversDetails?driverId=30F6M
- URL-https://www.dell.com/support/kbdoc/en-in/000212574/dsa-2023-146
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.