CVE-2023-32458

Summary

Dell AppSync, versions 4.4.0.0 to 4.6.0.0 including Service Pack releases, contains an improper access control vulnerability in Embedded Service Enabler component. A local malicious user could potentially exploit this vulnerability during installation leading to a privilege escalation.

Affected Software

VendorProductVersion RangeStatus
DellDell EMC AppSyncVersions 4.4.0.0, 4.5.0.0 and 4.6.0.0 including Service Pack releasesaffected

Weaknesses

  • CWE-284: CWE-284: Improper Access Control

ADP Enrichment

CVE Program Container

Additional References

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: total

References