Product:

Supportassist_for_home_pcs

(Dell)
Repositories

Unknown:

This might be proprietary software.
#Vulnerabilities 25
Date Id Summary Products Score Patch Annotated
2023-02-10 CVE-2022-34366 Dell SupportAssist for Home PCs (version 3.11.2 and prior) contain Overly Permissive Cross-domain Whitelist vulnerability. An authenticated non-admin user could potentially exploit the issue and obtain sensitive information. Supportassist_for_home_pcs 6.5
2023-02-11 CVE-2022-34384 Dell SupportAssist Client Consumer (version 3.11.1 and prior), SupportAssist Client Commercial (version 3.2 and prior), Dell Command | Update, Dell Update, and Alienware Update versions before 4.5 contain a Local Privilege Escalation Vulnerability in the Advanced Driver Restore component. A local malicious user may potentially exploit this vulnerability, leading to privilege escalation. Alienware_update, Command_update, Supportassist_for_business_pcs, Supportassist_for_home_pcs, Update 7.8
2023-02-11 CVE-2022-34385 SupportAssist for Home PCs (version 3.11.4 and prior) and  SupportAssist for Business PCs (version 3.2.0 and prior) contain cryptographic weakness vulnerability. An authenticated non-admin user could potentially exploit the issue and obtain sensitive information. Supportassist_for_business_pcs, Supportassist_for_home_pcs 5.5
2023-02-11 CVE-2022-34386 Dell SupportAssist for Home PCs (version 3.11.4 and prior) and SupportAssist for Business PCs (version 3.2.0 and prior) contain cryptographic weakness vulnerability. An authenticated non-admin user could potentially exploit the issue and obtain sensitive information. Supportassist_for_business_pcs, Supportassist_for_home_pcs 5.5
2023-02-11 CVE-2022-34387 Dell SupportAssist for Home PCs (version 3.11.4 and prior) and SupportAssist for Business PCs (version 3.2.0 and prior) contain a privilege escalation vulnerability. A local authenticated malicious user could potentially exploit this vulnerability to elevate privileges and gain total control of the system. Supportassist_for_business_pcs, Supportassist_for_home_pcs 7.8
2023-02-11 CVE-2022-34388 Dell SupportAssist for Home PCs (version 3.11.4 and prior) and  SupportAssist for Business PCs (version 3.2.0 and prior) contain information disclosure vulnerability. A local malicious user with low privileges could exploit this vulnerability to view and modify sensitive information in the database of the affected application. Supportassist_for_business_pcs, Supportassist_for_home_pcs 7.1
2023-02-11 CVE-2022-34389 Dell SupportAssist contains a rate limit bypass issues in screenmeet API third party component. An unauthenticated attacker could potentially exploit this vulnerability and impersonate a legitimate dell customer to a dell support technician. Supportassist_for_business_pcs, Supportassist_for_home_pcs 5.3
2023-02-11 CVE-2022-34392 SupportAssist for Home PCs (versions 3.11.4 and prior) contain an insufficient session expiration Vulnerability. An authenticated non-admin user can be able to obtain the refresh token and that leads to reuse the access token and fetch sensitive information. Supportassist_for_home_pcs 5.5
2023-12-22 CVE-2023-48670 Dell SupportAssist for Home PCs version 3.14.1 and prior versions contain a privilege escalation vulnerability in the installer. A local low privileged authenticated attacker may potentially exploit this vulnerability, leading to the execution of arbitrary executable on the operating system with elevated privileges. Supportassist_for_home_pcs 7.8
2024-02-14 CVE-2023-25535 Dell SupportAssist for Home PCs Installer Executable file version prior to 3.13.2.19 used for initial installation has a high vulnerability that can result in local privilege escalation (LPE). This vulnerability only affects first-time installations done prior to 8th March 2023 Supportassist_for_home_pcs 6.5