How severe is CVE-2020-5357?

This vulnerability has a severity rating of MEDIUM with a CVSS score of 6 out of 10.

What type of vulnerability is CVE-2020-5357?

This is classified as CWE-427, which is a common weakness in software security.

CVE-2020-5357 - MEDIUM Severity | CVSS 6

Vulnerability Description

Dell Dock Firmware Update Utilities for Dell Client Consumer and Commercial docking stations contain an Arbitrary File Overwrite vulnerability. The vulnerability is limited to the Dell Dock Firmware Update Utilities during the time window while being executed by an administrator. During this time window, a locally authenticated low-privileged malicious user could exploit this vulnerability by tricking an administrator into overwriting arbitrary files via a symlink attack. The vulnerability does not affect the actual binary payload that the update utility delivers.

Related Vulnerabilities

CVE-2018-5235

MEDIUM

CVSS:6.0(Medium)

Norton Utilities (prior to 16.0.3.44) may be susceptible to a DLL Preloading vulnerability, which is a type of issue that can occur when an application looks to call a DLL for execution and an attacke...

CWE-4272018

CVE-2024-2207

MEDIUM

CVSS:6.0(Medium)

Potential vulnerabilities have been identified in the audio package for certain HP PC products using the Sound Research SECOMN64 driver, which might allow escalation of privilege. Sound Research has r...

CWE-4272024

CVE-2024-50583

MEDIUM

CVSS:6.3(Medium)

Whale browser Installer before 3.1.0.0 allows an attacker to execute a malicious DLL in the user environment due to improper permission settings.

CWE-4272024

CVE-2025-29817

MEDIUM

CVSS:5.7(Medium)

Uncontrolled search path element in Power Automate allows an authorized attacker to disclose information over a network.

CWE-4272025

CVE-2019-3749

MEDIUM

CVSS:5.6(Medium)

Dell Command Update versions prior to 3.1 contain an Arbitrary File Deletion Vulnerability. A local authenticated malicious user with low privileges potentially could exploit this vulnerability to del...

CWE-4272019

CVE-2019-3750

MEDIUM

CVSS:5.6(Medium)

CWE-4272019