Dell/Alienware Digital Delivery versions prior to 3.5.2013 contain a privilege escalation vulnerability. A local non-privileged malicious user could exploit a named pipe that performs binary deserialization via a process hollowing technique to inject malicous code to run an executable with elevated privileges.
2019-08-09T19:15:11.673
2024-11-21T04:42:26.990
Modified
CVSSv3.1: 7.8 (HIGH)
AV:L/AC:L/Au:N/C:C/I:C/A:C
3.9
10.0
| Type | Vendor | Product | Version/Range | Vulnerable? |
|---|---|---|---|---|
| Application | dell | digital_delivery | < 3.5.2013 | Yes |
| Application | dell | digital_delivery | < 4.0.41 | Yes |