Vulnerability Spotlight: Dell Precision Optimizer and Invincea Vulnerabilities
June 30, 2017
Talos are releasing advisories for vulnerabilities in the Dell Precision Optimizer application service software, Invincea-X and Invincea Dell Protected Workspace.
Privilege Escalation & Protection Bypass Vulnerabilities affecting:
Invincea-X, Dell Protected Workspace 6.1.3-24058
Invincea, Dell Protected Workspace 5.1.1-22303
Dell Precision Tower 5810 with nvidia graphic cards, PPO Policy Processing Engine (3.5.5.0), ati.dll (PPR Monitoring Plugin) (3.5.5.0).
Read the full report on talsointelligence.com
Further information on this was published on securityweek.com:
Pre-Installed Software Flaws Expose Dell Systems to Code Execution
By Ionut Arghire on July 04, 2017
Flaws in pre-installed software expose Dell systems to attacks that could result in the disabling of security mechanisms, privilege escalation, and arbitrary code execution within the context of the application user.
…
“Given that the Invincea Dell Protected Workspace is an application that is commonly deployed to secure workstations within high security environments, it is recommended that organizations using affected versions of this solution update to the latest version as quickly as possible to ensure that the protections provided by this software cannot be bypassed by an attacker,” Cisco notes.
Read the full article here
