Secure Endpoint

CVE-2009-5152

Dell Client Configuration Utility Race Condition

Published: May 11, 2018 | Last Updated: Sep 24, 2020

Absolute Computrace Agent, as distributed on certain Dell Inspiron systems through 2009, has a race condition with the Dell Client Configuration Utility (DCCU), which allows privileged local users to change Computrace Agent's activation/deactivation status to the factory default via a crafted TaskResult.xml file.

Security Updates

Product Platform Fix Versions Fix Version Release Date
Rpcnetp v845 on Dell Inspiron 1525 None

Mitigations

Dell discontinued Dell Inspiron 1525 in 2009.

Work Arounds

N/A

Read more about NIST CVE-2009-5152

FAQs

Financial Services