Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Supportassist_for_home_pcs
(Dell)| Repositories |
Unknown: This might be proprietary software. |
| #Vulnerabilities | 25 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2024-02-14 | CVE-2023-39249 | Dell SupportAssist for Business PCs version 3.4.0 contains a local Authentication Bypass vulnerability that allows locally authenticated non-admin users to gain temporary privilege within the SupportAssist User Interface on their respective PC. The Run as Admin temporary privilege feature enables IT/System Administrators to perform driver scans and Dell-recommended driver installations without requiring them to log out of the local non-admin user session. However, the granted privilege is... | Supportassist_for_home_pcs | 5.3 | ||
| 2024-02-14 | CVE-2023-44283 | In Dell SupportAssist for Home PCs (between v3.0 and v3.14.1) and SupportAssist for Business PCs (between v3.0 and v3.4.1), a security concern has been identified, impacting locally authenticated users on their respective PCs. This issue may potentially enable privilege escalation and the execution of arbitrary code, in the Windows system context, and confined to that specific local PC. | Supportassist_for_business_pcs, Supportassist_for_home_pcs | 7.8 | ||
| 2024-08-21 | CVE-2024-38305 | Dell SupportAssist for Home PCs Installer exe version 4.0.3 contains a privilege escalation vulnerability in the installer. A local low-privileged authenticated attacker could potentially exploit this vulnerability, leading to the execution of arbitrary executables on the operating system with elevated privileges. | Supportassist_for_home_pcs | 7.3 | ||
| 2019-06-20 | CVE-2019-3735 | Dell SupportAssist for Business PCs version 2.0 and Dell SupportAssist for Home PCs version 2.2, 2.2.1, 2.2.2, 2.2.3, 3.0, 3.0.1, 3.0.2, 3.1, 3.2, and 3.2.1 contain an Improper Privilege Management Vulnerability. A malicious local user can exploit this vulnerability by inheriting a system thread using a leaked thread handle to gain system privileges on the affected machine. | Supportassist_for_business_pcs, Supportassist_for_home_pcs | 7.8 | ||
| 2019-06-25 | CVE-2019-12280 | PC-Doctor Toolbox before 7.3 has an Uncontrolled Search Path Element. | Supportassist_for_business_pcs, Supportassist_for_home_pcs, Toolbox | 7.8 |