Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Supportassist_for_business_pcs
(Dell)Repositories |
Unknown: This might be proprietary software. |
#Vulnerabilities | 15 |
Date | Id | Summary | Products | Score | Patch | Annotated |
---|---|---|---|---|---|---|
2024-02-14 | CVE-2023-44283 | In Dell SupportAssist for Home PCs (between v3.0 and v3.14.1) and SupportAssist for Business PCs (between v3.0 and v3.4.1), a security concern has been identified, impacting locally authenticated users on their respective PCs. This issue may potentially enable privilege escalation and the execution of arbitrary code, in the Windows system context, and confined to that specific local PC. | Supportassist_for_business_pcs, Supportassist_for_home_pcs | 7.8 | ||
2023-02-11 | CVE-2022-34384 | Dell SupportAssist Client Consumer (version 3.11.1 and prior), SupportAssist Client Commercial (version 3.2 and prior), Dell Command | Update, Dell Update, and Alienware Update versions before 4.5 contain a Local Privilege Escalation Vulnerability in the Advanced Driver Restore component. A local malicious user may potentially exploit this vulnerability, leading to privilege escalation. | Alienware_update, Command_update, Supportassist_for_business_pcs, Supportassist_for_home_pcs, Update | 7.8 | ||
2023-02-11 | CVE-2022-34385 | SupportAssist for Home PCs (version 3.11.4 and prior) and SupportAssist for Business PCs (version 3.2.0 and prior) contain cryptographic weakness vulnerability. An authenticated non-admin user could potentially exploit the issue and obtain sensitive information. | Supportassist_for_business_pcs, Supportassist_for_home_pcs | 5.5 | ||
2023-02-11 | CVE-2022-34386 | Dell SupportAssist for Home PCs (version 3.11.4 and prior) and SupportAssist for Business PCs (version 3.2.0 and prior) contain cryptographic weakness vulnerability. An authenticated non-admin user could potentially exploit the issue and obtain sensitive information. | Supportassist_for_business_pcs, Supportassist_for_home_pcs | 5.5 | ||
2023-02-11 | CVE-2022-34387 | Dell SupportAssist for Home PCs (version 3.11.4 and prior) and SupportAssist for Business PCs (version 3.2.0 and prior) contain a privilege escalation vulnerability. A local authenticated malicious user could potentially exploit this vulnerability to elevate privileges and gain total control of the system. | Supportassist_for_business_pcs, Supportassist_for_home_pcs | 7.8 | ||
2023-02-11 | CVE-2022-34388 | Dell SupportAssist for Home PCs (version 3.11.4 and prior) and SupportAssist for Business PCs (version 3.2.0 and prior) contain information disclosure vulnerability. A local malicious user with low privileges could exploit this vulnerability to view and modify sensitive information in the database of the affected application. | Supportassist_for_business_pcs, Supportassist_for_home_pcs | 7.1 | ||
2023-02-11 | CVE-2022-34389 | Dell SupportAssist contains a rate limit bypass issues in screenmeet API third party component. An unauthenticated attacker could potentially exploit this vulnerability and impersonate a legitimate dell customer to a dell support technician. | Supportassist_for_business_pcs, Supportassist_for_home_pcs | 5.3 | ||
2019-06-20 | CVE-2019-3735 | Dell SupportAssist for Business PCs version 2.0 and Dell SupportAssist for Home PCs version 2.2, 2.2.1, 2.2.2, 2.2.3, 3.0, 3.0.1, 3.0.2, 3.1, 3.2, and 3.2.1 contain an Improper Privilege Management Vulnerability. A malicious local user can exploit this vulnerability by inheriting a system thread using a leaked thread handle to gain system privileges on the affected machine. | Supportassist_for_business_pcs, Supportassist_for_home_pcs | 7.8 | ||
2022-06-10 | CVE-2022-29092 | Dell SupportAssist Client Consumer versions (3.11.0 and versions prior) and Dell SupportAssist Client Commercial versions (3.2.0 and versions prior) contain a privilege escalation vulnerability. A non-admin user can exploit the vulnerability and gain admin access to the system. | Supportassist_for_business_pcs, Supportassist_for_home_pcs | 7.8 | ||
2022-06-10 | CVE-2022-29093 | Dell SupportAssist Client Consumer versions (3.10.4 and versions prior) and Dell SupportAssist Client Commercial versions (3.1.1 and versions prior) contain an arbitrary file deletion vulnerability. Authenticated non-admin user could exploit the issue and delete arbitrary files on the system. | Supportassist_for_business_pcs, Supportassist_for_home_pcs | 7.1 |