CVE-2024-22451
Description
Dell Peripheral Manager versions 1.5.1 through 1.7.2 contain an uncontrolled search path element that can allow local attackers to achieve arbitrary code execution via a malicious executable.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Vulnerability
Dell Peripheral Manager versions 1.5.1 through 1.7.2 inclusive contain an uncontrolled search path element vulnerability [1]. When the application loads a required library or executable, it searches a set of directories without securely restricting the order or validating the integrity of the file it finds. This allows an attacker with local access to place a malicious executable in a directory that appears earlier in the search path, causing the application to load the attacker's payload instead of the legitimate component [1].
Exploitation
An attacker must have local access to the system and the ability to write files to a directory that is searched by the application's dynamic linker or executable loading mechanism before the intended system directory [1]. The attacker places a malicious executable or DLL (depending on the search path element) in that location. When Dell Peripheral Manager is launched or when it loads a specific component that triggers the vulnerable search path, the operating system loads the attacker's malicious executable, executing arbitrary code in the context of the Dell Peripheral Manager process [1].
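A defender-side check for the condition described above, as an added example (not code from Dell or from this page): it walks an ordered search list the way a loader would, reports which copy of a file would be picked, and flags directories ahead of the trusted one that the current user can write to. The file name `helper.dll`, the directory names and the search order are constructed, because the page does not name the affected component or path.

```python
import tempfile
from pathlib import Path


def can_write(directory):
    """Probe write access as the current user by creating a temp file."""
    try:
        with tempfile.TemporaryFile(dir=directory):
            return True
    except OSError:
        return False


def audit_search_path(search_dirs, filename, trusted_dir):
    """Resolve `filename` in loader order; flag entries ahead of trusted_dir."""
    trusted = Path(trusted_dir).resolve()
    resolved, findings = None, []
    for position, entry in enumerate(search_dirs):
        directory = Path(entry).resolve()
        present = (directory / filename).is_file()
        if present and resolved is None:
            resolved = directory / filename  # first match wins
        if directory == trusted:
            break  # entries after the trusted copy cannot shadow it
        writable = directory.is_dir() and can_write(directory)
        if present or writable:
            findings.append({"position": position, "dir": str(directory),
                             "file_present": present, "writable": writable})
    return {"resolved": str(resolved) if resolved else None,
            "shadowed": resolved is not None and resolved.parent != trusted,
            "findings": findings}


def demo():
    """Constructed layout: a user-writable directory searched before the
    directory that holds the legitimate component."""
    with tempfile.TemporaryDirectory() as root:
        early, trusted = Path(root, "workdir"), Path(root, "system")
        early.mkdir()
        trusted.mkdir()
        (trusted / "helper.dll").write_bytes(b"")    # stand-in for the real file
        order = [early, trusted]
        before = audit_search_path(order, "helper.dll", trusted)
        (early / "helper.dll").write_bytes(b"")      # same name, earlier entry
        after = audit_search_path(order, "helper.dll", trusted)
        return before, after


if __name__ == "__main__":
    for label, result in zip(("clean", "shadowed"), demo()):
        print(label, result)
```

A writable entry with `file_present` false is still a finding: nothing is shadowed yet, but the precondition for it exists. Write access is probed for the account running the script only.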
Impact
Successful exploitation allows the attacker to achieve arbitrary code execution at the privilege level of the Dell Peripheral Manager process, which typically runs with user-level privileges. The attacker can then perform operations such as installing programs, viewing, changing, or deleting data, or creating new accounts with full user rights [1].
Mitigation
Dell released version 1.7.3 on March 27, 2024, which remediates the vulnerability [1]. All users should upgrade to version 1.7.3 or later. There are no known workarounds for this vulnerability [1].
AI Insight generated on Jun 16, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected products
- Range: >=1.5.1 <=1.7.2
Patches
No patches discovered yet.
Vulnerability mechanics
No source-code context for this CVE — mechanics is only generated when we can read the actual fix diff. Without that, the four sections (root cause, attack vector, affected code, fix) would be speculation rather than analysis.
References
News mentions
No linked articles in our index yet.