CVSS: 6.3EPSS: 0%CPEs: 1EXPL: 0CVE-2023-39249
https://notcve.org/view.php?id=CVE-2023-39249
Dell SupportAssist for Business PCs version 3.4.0 contains a local Authentication Bypass vulnerability that allows locally authenticated non-admin users to gain temporary privilege within the SupportAssist User Interface on their respective PC. The Run as Admin temporary privilege feature enables IT/System Administrators to perform driver scans and Dell-recommended driver installations without requiring them to log out of the local non-admin user session. However, the granted privilege is limited solely to the SupportAssist User Interface and automatically expires after 15 minutes. Dell SupportAssist para PC empresariales versión 3.4.0 contiene una vulnerabilidad de omisión de autenticación local que permite a los usuarios no administradores autenticados localmente obtener privilegios temporales dentro de la interfaz de usuario de SupportAssist en sus respectivas PC. La función de privilegio temporal Ejecutar como administrador permite a los administradores de sistemas/TI realizar análisis de controladores e instalaciones de controladores recomendadas por Dell sin necesidad de cerrar sesión en la sesión de usuario local que no es administrador. • https://www.dell.com/support/kbdoc/en-us/000216574/security-update-for-dell-supportassist-for-business-pcs-vulnerability • CWE-280: Improper Handling of Insufficient Permissions or Privileges •
CVSS: 7.2EPSS: 0%CPEs: 1EXPL: 0CVE-2023-25535
https://notcve.org/view.php?id=CVE-2023-25535
Dell SupportAssist for Home PCs Installer Executable file version prior to 3.13.2.19 used for initial installation has a high vulnerability that can result in local privilege escalation (LPE). This vulnerability only affects first-time installations done prior to 8th March 2023 La versión del archivo ejecutable del instalador de Dell SupportAssist para PC domésticas anterior a 3.13.2.19 utilizado para la instalación inicial tiene una alta vulnerabilidad que puede resultar en una escalada de privilegios local (LPE). Esta vulnerabilidad solo afecta a las instalaciones realizadas por primera vez antes del 8 de marzo de 2023. • https://www.dell.com/support/kbdoc/en-us/000211410/dell-supportassist-for-home-pcs-security-update-for-installer-executable-file-for-local-privilege-escalation-lpe-vulnerability • CWE-269: Improper Privilege Management •
CVSS: 7.1EPSS: 0%CPEs: 1EXPL: 0CVE-2021-36286
https://notcve.org/view.php?id=CVE-2021-36286
Dell SupportAssist Client Consumer versions 3.9.13.0 and any versions prior to 3.9.13.0 contain an arbitrary file deletion vulnerability that can be exploited by using the Windows feature of NTFS called Symbolic links. Symbolic links can be created by any(non-privileged) user under some object directories, but by themselves are not sufficient to successfully escalate privileges. However, combining them with a different object, such as the NTFS junction point allows for the exploitation. Support assist clean files functionality do not distinguish junction points from the physical folder and proceeds to clean the target of the junction that allows nonprivileged users to create junction points and delete arbitrary files on the system which can be accessed only by the admin. Dell SupportAssist Client Consumer versiones 3.9.13.0 y todas las versiones anteriores a 3.9.13.0, contienen una vulnerabilidad de eliminación de archivos arbitrarios que puede ser explotada al usar la función de Windows de NTFS denominada enlaces Simbólicos. • https://www.dell.com/support/kbdoc/en-us/000191057/dsa-2021-163-dell-supportassist-client-consumer-security-update-for-two-vulnerabilities • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') CWE-59: Improper Link Resolution Before File Access ('Link Following') •