// For flags

CVE-2021-36286

 

Severity Score

7.1
*CVSS v3.1

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

0
*Multiple Sources

Exploited in Wild

-
*KEV

Decision

-
*SSVC
Descriptions

Dell SupportAssist Client Consumer versions 3.9.13.0 and any versions prior to 3.9.13.0 contain an arbitrary file deletion vulnerability that can be exploited by using the Windows feature of NTFS called Symbolic links. Symbolic links can be created by any(non-privileged) user under some object directories, but by themselves are not sufficient to successfully escalate privileges. However, combining them with a different object, such as the NTFS junction point allows for the exploitation. Support assist clean files functionality do not distinguish junction points from the physical folder and proceeds to clean the target of the junction that allows nonprivileged users to create junction points and delete arbitrary files on the system which can be accessed only by the admin.

Dell SupportAssist Client Consumer versiones 3.9.13.0 y todas las versiones anteriores a 3.9.13.0, contienen una vulnerabilidad de eliminación de archivos arbitrarios que puede ser explotada al usar la función de Windows de NTFS denominada enlaces Simbólicos. Los enlaces Simbólicos pueden ser creados por cualquier usuario (no privilegiados) bajo algunos directorios de objetos, pero por sí mismos no son suficientes para escalar los privilegios con éxito. Sin embargo, combinarlos con un objeto diferente, como el punto de unión NTFS permite una explotación. La funcionalidad Support assist clean files no distingue los puntos de unión de la carpeta física y procede a limpiar el objetivo de la unión que permite a usuarios no privilegiados crear puntos de unión y eliminar archivos arbitrarios en el sistema a los que sólo puede acceder el administrador

*Credits: N/A
CVSS Scores
Attack Vector
Local
Attack Complexity
Low
Privileges Required
Low
User Interaction
None
Scope
Unchanged
Confidentiality
None
Integrity
High
Availability
High
Attack Vector
Local
Attack Complexity
Low
Authentication
None
Confidentiality
None
Integrity
Partial
Availability
Partial
* Common Vulnerability Scoring System
SSVC
  • Decision:-
Exploitation
-
Automatable
-
Tech. Impact
-
* Organization's Worst-case Scenario
Timeline
  • 2021-07-08 CVE Reserved
  • 2021-09-28 CVE Published
  • 2023-03-08 EPSS Updated
  • 2024-09-16 CVE Updated
  • ---------- Exploited in Wild
  • ---------- KEV Due Date
  • ---------- First Exploit
CWE
  • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
  • CWE-59: Improper Link Resolution Before File Access ('Link Following')
CAPEC
Affected Vendors, Products, and Versions
Vendor Product Version Other Status
Vendor Product Version Other Status <-- --> Vendor Product Version Other Status
Dell
Search vendor "Dell"
 Supportassist Client Consumer
Search vendor "Dell" for product "Supportassist Client Consumer"
 <= 3.9.13.0
Search vendor "Dell" for product "Supportassist Client Consumer" and version " <= 3.9.13.0"
-
Affected