CVE-2022-34373: 
Dell Command | Integration Suite for System Center vulnerability analysis and mitigation

Dell Command | Integration Suite for System Center, versions prior to 6.2.0, contains an arbitrary file write vulnerability identified as CVE-2022-34373. The vulnerability was discovered by Johannes Hatting and disclosed in July 2022. This security flaw affects Dell Command | Integration Suite for System Center installations and allows locally authenticated malicious users to perform arbitrary write operations with system privileges (Dell Security Advisory).

The vulnerability has been assigned a CVSS Base Score of 7.3 with the following vector string: CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H. This indicates that the vulnerability requires local access, low attack complexity, low privileges, and user interaction. The impact potential is high across confidentiality, integrity, and availability (Dell Security Advisory).

If exploited, this vulnerability allows a locally authenticated malicious user to perform arbitrary write operations with system-level privileges. This could potentially lead to complete system compromise, affecting the confidentiality, integrity, and availability of the system (Dell Security Advisory).

Dell has released version 6.2.0 of the Dell Command | Integration Suite for System Center to address this vulnerability. Users are advised to update to this version to mitigate the risk. The update can be downloaded from the Dell support website (Dell Security Advisory).