Dell Common Event Enabler, version 8.9.10.0 and prior, contain an insecure deserialization vulnerability in CAVATools. A local unauthenticated attacker could potentially exploit this vulnerability, leading to arbitrary code execution in the context of the logged in user. Exploitation of this issue requires a victim to open a malicious file.
References
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: dell
Published: 2024-06-12T15:02:53.826Z
Updated: 2024-06-12T16:41:31.838Z
Reserved: 2024-03-13T15:42:12.960Z
Link: CVE-2024-28964
JSON object: View
NVD Information
Status : Awaiting Analysis
Published: 2024-06-12T15:15:50.647
Modified: 2024-06-13T18:36:09.010
Link: CVE-2024-28964
JSON object: View
Redhat Information
No data.
CWE