CVE-2017-2802

Summary

An exploitable dll hijacking vulnerability exists in the poaService.exe service component of the Dell Precision Optimizer software version 3.5.5.0. A specifically named malicious dll file located in one of directories pointed to by the PATH environment variable will lead to privilege escalation. An attacker with local access to vulnerable system can exploit this vulnerability.

Affected Software

VendorProductVersion RangeStatus
dellDellPrecision Tower 5810 with nvidia graphic cards. PPO Policy Processing Engine - FileVersion : 3.5.5.0 ati.dll ( PPO Monitoring Plugin ) - FileVersion : 3.5.5.0affected

Weaknesses

  • dll hijiacking

ADP Enrichment

CVE Program Container

Additional References

References