Article Number: 000220677
High
This vulnerability only affects first time installation done before 21 December 2023.
Proprietary Code CVEs | Description | CVSS Base Score | CVSS Vector String |
---|---|---|---|
CVE-2023-48670 | Dell SupportAssist for Home PCs version 3.14.1 and prior versions contain a privilege escalation vulnerability in the installer. A local low privileged authenticated attacker may potentially exploit this vulnerability, leading to the execution of arbitrary executable on the operating system with elevated privileges. | 7.3 |
CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H |
Proprietary Code CVEs | Description | CVSS Base Score | CVSS Vector String |
---|---|---|---|
CVE-2023-48670 | Dell SupportAssist for Home PCs version 3.14.1 and prior versions contain a privilege escalation vulnerability in the installer. A local low privileged authenticated attacker may potentially exploit this vulnerability, leading to the execution of arbitrary executable on the operating system with elevated privileges. | 7.3 |
CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H |
Product | Software/Firmware | Affected Versions | Remediated Versions | Link |
---|---|---|---|---|
SupportAssist for Home PCs | SupportAssist Installer | 3.14.2.45116 | 3.14.2.49747 | SupportAssist for Home PCs |
Product | Software/Firmware | Affected Versions | Remediated Versions | Link |
---|---|---|---|---|
SupportAssist for Home PCs | SupportAssist Installer | 3.14.2.45116 | 3.14.2.49747 | SupportAssist for Home PCs |
None
Dell would like to thank Dohyun Lee (@l33d0hyun) for reporting this issue.
Revision | Date | Description |
---|---|---|
1.0 | 2023-12-21 | Initial Release |
SupportAssist for Home PCs
22 Dec 2023
1
Dell Security Advisory