CVE-2024-22451 | Dell Peripheral Manager, versions from 1.5.1 to 1.7.2, conta… | CVSS 6.7 MEDIUM

Description

Dell Peripheral Manager, versions from 1.5.1 to 1.7.2, contain an uncontrolled search path element vulnerability. An attacker could potentially exploit this vulnerability through preloading malicious executable, leading to arbitrary code execution.

Metadata

CVE ID: CVE-2024-22451
State: PUBLISHED
Assigner: dell
Reserved: 2024-01-10 15:26 UTC
Published: 2026-06-16 15:16 UTC
Last updated: 2026-06-17 03:55 UTC
Primary CWE: CWE-427
CWE-427: Uncontrolled Search Path Element
Vendor / Product: Dell / Peripheral Manager
Sources: cve.org · NVD

Severity & Metrics

6.7 MEDIUM CVSS 3.1

CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H

SSVC — CISA Coordinator

Exploitation: none
Automatable: no
Tech. Impact: total

Affected products (1)

Vendor	Product	Platform	Versions
Dell	Peripheral Manager	—	0 < 1.7.3 or later

Weakness (CWE)

CWE	Source	Description
CWE-427	cna	CWE-427: Uncontrolled Search Path Element

CVSS scores (1)

Score	Severity	Version	Source	Vector
6.7	MEDIUM	3.1	cna	CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H

References (1)

https://www.dell.com/support/kbdoc/en-us/000221413/dsa-2024-055-security-update-for-dell-peripheral-manager-uncontrolled-search-path-element-vulnerabilities?lang=en