DSA-2021-052: Dell SupportAssist for Home PCs and Business PCs Security Update for PC-Doctor Plugin Vulnerability
Summary: Dell SupportAssist for Home PCs and Business PCs contain remediation for a PC-Doctor plugin vulnerability that may be exploited by malicious users to compromise the affected system.
This article applies to
This article does not apply to
This article is not tied to any specific product.
Not all product versions are identified in this article.
Impact
High
Details
| Proprietary Code CVE(s) | Description | CVSS Base Score | CVSS Vector String |
| CVE-2021-21518 | Dell SupportAssist for Home PCs versions 3.7.x, 3.6.x, 3.4.x, 3.3.x and Dell SupportAssist for Business PCs versions 2.0.x, 2.1.x, 2.2.x, contain a DLL injection vulnerability in the Costura Fody plugin provided by PC Doctor. A local user with low privileges could potentially exploit this vulnerability, leading to the execution of arbitrary executable on the operating system with SYSTEM privileges. | 7.8 | CVSSv3.1: 7.8 (AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H) |
| Proprietary Code CVE(s) | Description | CVSS Base Score | CVSS Vector String |
| CVE-2021-21518 | Dell SupportAssist for Home PCs versions 3.7.x, 3.6.x, 3.4.x, 3.3.x and Dell SupportAssist for Business PCs versions 2.0.x, 2.1.x, 2.2.x, contain a DLL injection vulnerability in the Costura Fody plugin provided by PC Doctor. A local user with low privileges could potentially exploit this vulnerability, leading to the execution of arbitrary executable on the operating system with SYSTEM privileges. | 7.8 | CVSSv3.1: 7.8 (AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H) |
Affected Products & Remediation
| Product | Affected Version(s) | Updated Version(s) | Link to Update |
| Dell SupportAssist for PCs | Dell SupportAssist for Home PCs 3.7.x, 3.6.x, 3.4.x, and 3.3.x Dell SupportAssist for Business PCs 2.0.x, 2.1.x, and 2.2.x |
Dell SupportAssist for Home PCs 3.8.0 Dell SupportAssist for Business PCs 2.3.0 |
Dell SupportAssist for Home PC Dell SupportAssist for Business PC |
Dell recommends all customers upgrade at the earliest opportunity.
Method 1: Auto Update Enabled
All versions of SupportAssist automatically upgrade to the latest version available if automatic upgrades are enabled. Customers can check which version they are running and upgrade to a newer version of SupportAssist, if available.
Method 2: Manual Update
Steps for manual update of SupportAssist for Home PCs:
- Open SupportAssist.
- On the top-right corner of the SupportAssist window, click the ‘Settings’ icon, and then click ‘About SupportAssist’. SupportAssist automatically checks if a newer version of SupportAssist is available.
- If no update is available, a message indicating that the latest version of SupportAssist is installed is displayed.
- If a newer version of SupportAssist is available, the ‘Update Now’ link is displayed.
- Upon clicking Update Now, the latest version of SupportAssist is downloaded and installed on the system.
Visit the Dell Drivers & Downloads site for updates on the applicable products.
Customers may use one of the Dell notification solutions to be notified and download driver, BIOS, and firmware updates automatically once available.
| Product | Affected Version(s) | Updated Version(s) | Link to Update |
| Dell SupportAssist for PCs | Dell SupportAssist for Home PCs 3.7.x, 3.6.x, 3.4.x, and 3.3.x Dell SupportAssist for Business PCs 2.0.x, 2.1.x, and 2.2.x |
Dell SupportAssist for Home PCs 3.8.0 Dell SupportAssist for Business PCs 2.3.0 |
Dell SupportAssist for Home PC Dell SupportAssist for Business PC |
Dell recommends all customers upgrade at the earliest opportunity.
Method 1: Auto Update Enabled
All versions of SupportAssist automatically upgrade to the latest version available if automatic upgrades are enabled. Customers can check which version they are running and upgrade to a newer version of SupportAssist, if available.
Method 2: Manual Update
Steps for manual update of SupportAssist for Home PCs:
- Open SupportAssist.
- On the top-right corner of the SupportAssist window, click the ‘Settings’ icon, and then click ‘About SupportAssist’. SupportAssist automatically checks if a newer version of SupportAssist is available.
- If no update is available, a message indicating that the latest version of SupportAssist is installed is displayed.
- If a newer version of SupportAssist is available, the ‘Update Now’ link is displayed.
- Upon clicking Update Now, the latest version of SupportAssist is downloaded and installed on the system.
Visit the Dell Drivers & Downloads site for updates on the applicable products.
Customers may use one of the Dell notification solutions to be notified and download driver, BIOS, and firmware updates automatically once available.
Revision History
| Revision | Date | Description |
| 1.0 | 2021-03-10 | Initial Release |
Acknowledgements
Dell would like to thank Richard Warren of NCC Group for reporting this issue.
Related Information
Legal Disclaimer
Affected Products
SupportAssist for Home PCs, Product Security Information, SupportAssist for Business PCsArticle Properties
Article Number: 000184012
Article Type: Dell Security Advisory
Last Modified: 18 Sep 2025
Find answers to your questions from other Dell users
Support Services
Check if your device is covered by Support Services.