DSA-2025-403: Security Update for Dell SupportAssist OS Recovery for an Insertion of Sensitive Information into Externally Accessible File or Directory Vulnerability
Summary: Dell SupportAssist OS Recovery remediation is available for an Insertion of Sensitive Information into Externally Accessible File or Directory vulnerability that could be exploited by malicious users to compromise the affected system. ...
Impact
Medium
Details
| Proprietary Code CVE | Description | CVSS Base Score | CVSS Vector String |
|---|---|---|---|
| CVE-2025-46602 | Dell SupportAssist OS Recovery, versions prior to 5.5.15.0, contain an Insertion of Sensitive Information into Externally-Accessible File or Directory vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Information exposure. | 4.4 | |
Affected Products & Remediation
| Product | Affected Versions | Remediated Versions | Release date (MM/DD/YYYY) | Link |
|---|---|---|---|---|
| Dell SupportAssist OS Recovery | Versions prior to 5.5.15.0 | Version 5.5.15.0 or later | 10/24/2025 | |
The Dell SupportAssist OS Recovery application assists with disk cloning, reset, and repair functions.
To verify that your device is running the remediated version of Dell SupportAssist OS Recovery, follow the steps below:
- During boot, press F12 to enter boot settings.
- Select the SupportAssist OS Recovery option in the boot menu.
- On load, verify the version information in the launched application, either on the splash screen or from the About menu.
- If the version is 5.5.15.0 or later, your device is running the remediated version.
OR
- Go to Control Panel -> Programs and Features.
- Check the version information for Dell SupportAssist Remediation.
- If the version is 5.5.15.0 or later, your device is running the remediated version.
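The Programs and Features check above, scripted in PowerShell for use across several machines. This is an added example, not Dell's code: it reads the standard Windows uninstall registry entries and assumes the entry's DisplayName begins with "Dell SupportAssist Remediation" as named in the steps; `Get-SupportAssistRemediationStatus` is a hypothetical helper name.

```powershell
# Added example: scripted form of the Programs and Features check in this advisory.
$Remediated  = [version]'5.5.15.0'               # remediated version from the advisory
$DisplayName = 'Dell SupportAssist Remediation'  # entry name from the advisory steps

# Standard Windows uninstall locations (64-bit and 32-bit registry views).
$UninstallKeys = @(
    'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\*',
    'HKLM:\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\*'
)

# Hypothetical helper name; returns one object per matching entry.
function Get-SupportAssistRemediationStatus {
    param(
        [string]$Name = $DisplayName,
        [version]$Minimum = $Remediated
    )

    $entries = Get-ItemProperty -Path $UninstallKeys -ErrorAction SilentlyContinue |
        Where-Object { $_.PSObject.Properties['DisplayName'] -and $_.DisplayName -like "$Name*" }

    if (-not $entries) {
        return [pscustomobject]@{
            Computer = $env:COMPUTERNAME; Entry = $Name; Version = $null; Status = 'EntryNotFound'
        }
    }

    foreach ($entry in $entries) {
        $parsed = $null
        $status = 'Unknown'   # DisplayVersion is free-form text; unparsable values need manual review
        if ([version]::TryParse([string]$entry.DisplayVersion, [ref]$parsed)) {
            # System.Version treats missing components as -1, so pad "5.5.15" to "5.5.15.0".
            $normalized = New-Object System.Version -ArgumentList @(
                $parsed.Major, $parsed.Minor,
                [math]::Max($parsed.Build, 0), [math]::Max($parsed.Revision, 0)
            )
            $status = if ($normalized -ge $Minimum) { 'Remediated' } else { 'Affected' }
        }
        [pscustomobject]@{
            Computer = $env:COMPUTERNAME; Entry = $entry.DisplayName
            Version  = $entry.DisplayVersion; Status = $status
        }
    }
}

Get-SupportAssistRemediationStatus | Format-Table -AutoSize
```

Treat `EntryNotFound` and `Unknown` as results that need the boot-menu check from the first set of steps, not as a clean result.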
If the version is lower than 5.5.15.0, follow the steps below to install version 5.5.15.0 or later:
- Launch the Dell SupportAssist OS Recovery application from the Windows Start menu.
- Click Update Software on the Home page.
- Select the checkbox for “Check for Updates”.
- Click the Start button to install the update.
Revision History
| Revision | Date | Description |
|---|---|---|
| 1.0 | 2025-10-27 | Initial Release |
Acknowledgements
CVE-2025-46602: Dell Technologies would like to thank Marius Gabriel Mihai for reporting this issue.