CVSS: 7.1EPSS: 0%CPEs: 2EXPL: 0CVE-2022-34388
https://notcve.org/view.php?id=CVE-2022-34388
Dell SupportAssist for Home PCs (version 3.11.4 and prior) and SupportAssist for Business PCs (version 3.2.0 and prior) contain information disclosure vulnerability. A local malicious user with low privileges could exploit this vulnerability to view and modify sensitive information in the database of the affected application. • https://www.dell.com/support/kbdoc/000204114 • CWE-312: Cleartext Storage of Sensitive Information CWE-318: Cleartext Storage of Sensitive Information in Executable •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0CVE-2022-34387
https://notcve.org/view.php?id=CVE-2022-34387
Dell SupportAssist for Home PCs (version 3.11.4 and prior) and SupportAssist for Business PCs (version 3.2.0 and prior) contain a privilege escalation vulnerability. A local authenticated malicious user could potentially exploit this vulnerability to elevate privileges and gain total control of the system. • https://www.dell.com/support/kbdoc/000204114 • CWE-377: Insecure Temporary File CWE-668: Exposure of Resource to Wrong Sphere •
CVSS: 5.5EPSS: 0%CPEs: 2EXPL: 0CVE-2022-34386
https://notcve.org/view.php?id=CVE-2022-34386
Dell SupportAssist for Home PCs (version 3.11.4 and prior) and SupportAssist for Business PCs (version 3.2.0 and prior) contain cryptographic weakness vulnerability. An authenticated non-admin user could potentially exploit the issue and obtain sensitive information. • https://www.dell.com/support/kbdoc/000204114 • CWE-321: Use of Hard-coded Cryptographic Key CWE-798: Use of Hard-coded Credentials •
CVSS: 5.5EPSS: 0%CPEs: 2EXPL: 0CVE-2022-34385
https://notcve.org/view.php?id=CVE-2022-34385
SupportAssist for Home PCs (version 3.11.4 and prior) and SupportAssist for Business PCs (version 3.2.0 and prior) contain cryptographic weakness vulnerability. An authenticated non-admin user could potentially exploit the issue and obtain sensitive information. • https://www.dell.com/support/kbdoc/000204114 • CWE-326: Inadequate Encryption Strength •
CVSS: 7.8EPSS: 0%CPEs: 5EXPL: 0CVE-2022-34384
https://notcve.org/view.php?id=CVE-2022-34384
Dell SupportAssist Client Consumer (version 3.11.1 and prior), SupportAssist Client Commercial (version 3.2 and prior), Dell Command | Update, Dell Update, and Alienware Update versions before 4.5 contain a Local Privilege Escalation Vulnerability in the Advanced Driver Restore component. A local malicious user may potentially exploit this vulnerability, leading to privilege escalation. • https://www.dell.com/support/kbdoc/000204114 • CWE-250: Execution with Unnecessary Privileges CWE-269: Improper Privilege Management •