1. Home
  2. CVE Database
  3. CVE-2023-43078
MEDIUM · 6.7

CVE-2023-43078

Dell Dock Firmware and Dell Client Platform contain an Improper Link Resolution vulnerability during installation resulting in arbitrary folder deletion, which could lead to Privilege Escalation or De...

Vulnerability Description

Dell Dock Firmware and Dell Client Platform contain an Improper Link Resolution vulnerability during installation resulting in arbitrary folder deletion, which could lead to Privilege Escalation or Denial of Service.

CVSS Score

6.7

MEDIUM

CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H
Attack Vector
LOCAL
Attack Complexity
HIGH
Privileges Required
LOW
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality
HIGH
Integrity
HIGH
Availability
HIGH

Affected Products

VendorProductVersions
DellIntel Thunderbolt Controller Firmware Update Utility< 4.62.156.006
DellG15 5510-
DellG3 3500-
DellG5 5500-
DellInspiron 7490-
DellInspiron 7500-
DellInspiron 7501-
DellVostro 7500-
DellLatitude 5290 2-In-1-
DellLatitude 5300-
DellLatitude 5310-
DellLatitude 5400-
DellLatitude 5401-
DellLatitude 5500-
DellLatitude 5501-
DellLatitude 7300-
DellLatitude 7400-
DellPrecision 3540-
DellPrecision 3541-
DellLatitude 5410-

Related Weaknesses (CWE)

CWE-59

References

FAQ

What is CVE-2023-43078?

CVE-2023-43078 is a vulnerability with a CVSS score of 6.7 (MEDIUM). Dell Dock Firmware and Dell Client Platform contain an Improper Link Resolution vulnerability during installation resulting in arbitrary folder deletion, which could lead to Privilege Escalation or De...

How severe is CVE-2023-43078?

CVE-2023-43078 has been rated MEDIUM with a CVSS base score of 6.7/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2023-43078?

Check the references section above for vendor advisories and patch information. Affected products include: Dell Intel Thunderbolt Controller Firmware Update Utility, Dell G15 5510, Dell G3 3500, Dell G5 5500, Dell Inspiron 7490.