cvedb.io
CVE-2017-2802
HIGH · CVSS 7.8
EPSS exploitation probability: 0%
Published 2018-04-24T19:29:01.987 · Last modified 2026-06-17T01:16:53.523

Summary

An exploitable dll hijacking vulnerability exists in the poaService.exe service component of the Dell Precision Optimizer software version 3.5.5.0. A specifically named malicious dll file located in one of directories pointed to by the PATH environment variable will lead to privilege escalation. An attacker with local access to vulnerable system can exploit this vulnerability.

Affected products

dell — precision_optimizer

Does this affect you?

Add your gear to cvedb and we'll alert you only when dell ships something exploited.

Check my exposure →

References

This product uses data from the NVD API but is not endorsed or certified by the NVD. Informational only; not professional security advice.