#VU7323 Insecure DLL loading in Dell Precision Optimizer
Vulnerability identifier: #VU7323
Vulnerability risk: Low
CVSSv3.1: 7.7 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID:
CWE-ID:
CWE-427
Exploitation vector: Local
Exploit availability: No
Vulnerable software:
Dell Precision Optimizer
Client/Desktop applications /
Other client software
Vendor: Dell
Description
The vulnerability allows a local attacker to gain elevated privileges on the target system.
The weakness exists in the poaService.exe service component due to dll hijacking. A local attacker can place a specially crafted “atiadlxx.dll” file in one of directories pointed to by the PATH environment variable and execute arbitrary code on the target system with system privileges.
Successful exploitation of the vulnerability may result in system compromise.
Mitigation
Update Dell Precision Optimizer to version 4.0 or later.
Vulnerable software versions
Dell Precision Optimizer: 3.5.5.0
External links
http://www.talosintelligence.com/reports/TALOS-2016-0247
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
