Command Update Dell Command Update

Do you want an email whenever new security vulnerabilities are reported in Dell Command Update?

By the Year

In 2022 there have been 0 vulnerabilities in Dell Command Update . Last year Command Update had 1 security vulnerability published. Right now, Command Update is on track to have less security vulnerabilities in 2022 than it did last year.

Year Vulnerabilities Average Score
2022 0 0.00
2021 1 7.80
2020 0 0.00
2019 2 5.50
2018 0 0.00

It may take a day or so for new Command Update vulnerabilities to show up in the stats or in the list of recent security vulnerabilties. Additionally vulnerabilities may be tagged under a different product or component name.

Recent Dell Command Update Security Vulnerabilities

Dell Command Update, Dell Update, and Alienware Update versions prior to 4.3 contains a Improper Certificate Verification vulnerability

CVE-2021-36277 7.8 - High - August 09, 2021

Dell Command Update, Dell Update, and Alienware Update versions prior to 4.3 contains a Improper Certificate Verification vulnerability. A local authenticated malicious user could exploit this vulnerability by modifying local configuration files in order to execute arbitrary code on the system.

Improper Verification of Cryptographic Signature

Dell Command Update versions prior to 3.1 contain an Arbitrary File Deletion Vulnerability

CVE-2019-3749 5.5 - Medium - December 03, 2019

Dell Command Update versions prior to 3.1 contain an Arbitrary File Deletion Vulnerability. A local authenticated malicious user with low privileges potentially could exploit this vulnerability to delete arbitrary files by creating a symlink from the "Temp\ICProgress\Dell_InventoryCollector_Progress.xml" to any targeted file. This issue occurs because permissions on the Temp directory were set incorrectly.

insecure temporary file

Dell Command Update versions prior to 3.1 contain an Arbitrary File Deletion Vulnerability

CVE-2019-3750 5.5 - Medium - December 03, 2019

Dell Command Update versions prior to 3.1 contain an Arbitrary File Deletion Vulnerability. A local authenticated malicious user with low privileges potentially could exploit this vulnerability to delete arbitrary files by creating a symlink from the "Temp\IC\ICDebugLog.txt" to any targeted file. This issue occurs because of insecure handling of Temp directory permissions that were set incorrectly.

insecure temporary file

Stay on top of Security Vulnerabilities

Want an email whenever new vulnerabilities are published for Dell Command Update or by Dell? Click the Watch button to subscribe.

Dell
Vendor

subscribe