Dell Display and Peripheral Manager Elevation of Privileges Vulnerability

A vulnerability allowing improper link resolution before file access has been identified in Dell Display and Peripheral Manager (DDPM) for Windows, versions prior to 2.2.0.18. This vulnerability occurs in the installer and service components, where a low-privileged attacker with local access could exploit it to gain elevated privileges. Notably, the issue arises only during the installation process of versions prior to 2.2; if an affected version is already installed, reinstallation is not necessary.

Impact

Exploitation of this vulnerability could lead to unauthorized elevation of privileges, allowing a low-privileged user to gain higher-level access or rights on the system.

Remediation

Users can upgrade to Dell Display and Peripheral Manager version 2.2.0.18 or later to address this vulnerability. The updated version is available through the Dell Support website.