Vulnerability CVE-2024-28964


Published: 2024-06-12

Description:
Dell Common Event Enabler, version 8.9.10.0 and prior, contain an insecure deserialization vulnerability in CAVATools. A local unauthenticated attacker could potentially exploit this vulnerability, leading to arbitrary code execution in the context of the logged in user. Exploitation of this issue requires a victim to open a malicious file.

Type:

CWE-502

(Deserialization of Untrusted Data)

 References:
https://www.dell.com/support/kbdoc/en-us/000224987/dsa-2024-179-security-update-for-dell-emc-common-event-enabler-windows-for-cavatools-vulnerabilities

Copyright 2026, cxsecurity.com

 

Back to Top