vendor:
TrueMobile 1300 Wireless System Tray Applet
by:
Unknown
7.5
CVSS
HIGH
Privilege Escalation
Unknown
CWE
Product Name: TrueMobile 1300 Wireless System Tray Applet
Affected Version From: Version 3.10.39.0
Affected Version To: Unknown
Patch Exists: No
Related CWE: Unknown
CPE: a:dell:truemobile_1300_wireless_system_tray_applet
Platforms Tested:
Unknown
Privilege Escalation in Dell TrueMobile 1300 Wireless System Tray Applet
A privilege escalation vulnerability exists in the Dell TrueMobile 1300 Wireless System Tray Applet. The software starts with SYSTEM privileges to enable access to the wireless hardware but fails to drop them. This allows a local attacker to manipulate the GUI of the application to spawn arbitrary processes with the privileges of the affected process.
Mitigation:
Unknown