{"dataType":"CVE_RECORD","dataVersion":"5.2","cveMetadata":{"cveId":"CVE-2024-22451","assignerOrgId":"c550e75a-17ff-4988-97f0-544cde3820fe","state":"PUBLISHED","assignerShortName":"dell","dateReserved":"2024-01-10T15:26:10.251Z","datePublished":"2026-06-16T15:16:00.056Z","dateUpdated":"2026-06-17T03:55:58.900Z"},"containers":{"cna":{"providerMetadata":{"orgId":"c550e75a-17ff-4988-97f0-544cde3820fe","shortName":"dell","dateUpdated":"2026-06-16T15:16:00.056Z"},"datePublic":"2024-04-02T06:30:00.000Z","problemTypes":[{"descriptions":[{"lang":"en","cweId":"CWE-427","description":"CWE-427: Uncontrolled Search Path Element","type":"CWE"}]}],"affected":[{"vendor":"Dell","product":"Peripheral Manager","versions":[{"status":"affected","version":"0","lessThan":"1.7.3 or later","versionType":"semver"}],"defaultStatus":"unaffected"}],"descriptions":[{"lang":"en","value":"Dell Peripheral Manager, versions from 1.5.1 to 1.7.2, contain an uncontrolled search path element vulnerability. An attacker could potentially exploit this vulnerability through preloading malicious executable, leading to arbitrary code execution.","supportingMedia":[{"type":"text/html","base64":false,"value":"Dell Peripheral Manager, versions from 1.5.1 to 1.7.2, contain an uncontrolled search path element vulnerability. An attacker could potentially exploit this vulnerability through preloading malicious executable, leading to arbitrary code execution."}]}],"references":[{"url":"https://www.dell.com/support/kbdoc/en-us/000221413/dsa-2024-055-security-update-for-dell-peripheral-manager-uncontrolled-search-path-element-vulnerabilities?lang=en","tags":["vendor-advisory"]}],"metrics":[{"format":"CVSS","scenarios":[{"lang":"en","value":"GENERAL"}],"cvssV3_1":{"version":"3.1","attackVector":"LOCAL","attackComplexity":"HIGH","privilegesRequired":"LOW","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH","baseSeverity":"MEDIUM","baseScore":6.7,"vectorString":"CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H"}}],"credits":[{"lang":"en","value":"Dell Technologies would like to thank Yue Liu From TIANGONG Team of Legendsec at QI-ANXIN Group for reporting this issue.","type":"finder"}],"source":{"discovery":"UNKNOWN"},"x_generator":{"engine":"Vulnogram 1.0.2"}},"adp":[{"metrics":[{"other":{"type":"ssvc","content":{"timestamp":"2026-06-16T00:00:00+00:00","options":[{"Exploitation":"none"},{"Automatable":"no"},{"Technical Impact":"total"}],"role":"CISA Coordinator","version":"2.0.3","id":"CVE-2024-22451"}}}],"title":"CISA ADP Vulnrichment","providerMetadata":{"orgId":"134c704f-9b21-4f2e-91b3-4a467353bcc0","shortName":"CISA-ADP","dateUpdated":"2026-06-17T03:55:58.900Z"}}]}}