DSA-2025-456: Security Update for Dell SupportAssist OS Recovery for Multiple Creation of Temporary File With Insecure Permissions Vulnerabilities
Summary: Dell SupportAssist OS Recovery remediation is available for multiple Creation of Temporary File with Insecure Permissions vulnerabilities that could be exploited by malicious users to compromise the affected system. ...
This article applies to
This article does not apply to
This article is not tied to any specific product.
Not all product versions are identified in this article.
Impact
High
Details
|
Proprietary Code CVEs |
Description |
CVSS Base Score |
CVSS Vector String |
|
CVE-2025-46684 |
Dell SupportAssist OS Recovery, versions prior to 5.5.15.1, contain a Creation of Temporary File With Insecure Permissions vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Information Tampering. |
6.6 |
|
|
CVE-2025-46685 |
Dell SupportAssist OS Recovery, versions prior to 5.5.15.1, contain a Creation of Temporary File With Insecure Permissions vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Elevation of privileges. |
7.5 |
|
Proprietary Code CVEs |
Description |
CVSS Base Score |
CVSS Vector String |
|
CVE-2025-46684 |
Dell SupportAssist OS Recovery, versions prior to 5.5.15.1, contain a Creation of Temporary File With Insecure Permissions vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Information Tampering. |
6.6 |
|
|
CVE-2025-46685 |
Dell SupportAssist OS Recovery, versions prior to 5.5.15.1, contain a Creation of Temporary File With Insecure Permissions vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Elevation of privileges. |
7.5 |
Affected Products & Remediation
|
Product |
Affected Versions |
Remediated Versions |
Release date (MM/DD/YYYY) |
Link |
|
Dell SupportAssist OS Recovery |
Versions prior to 5.5.15.1 |
Version 5.5.15.1 or later |
12/16/2025 |
|
Product |
Affected Versions |
Remediated Versions |
Release date (MM/DD/YYYY) |
Link |
|
Dell SupportAssist OS Recovery |
Versions prior to 5.5.15.1 |
Version 5.5.15.1 or later |
12/16/2025 |
Dell SupportAssist OS Recovery application assists in Disk Cloning, Reset, Repair functions.
Sell SupportAssist OS Recovery Plugin for Dell Update assists in installing or updating the Dell SupportAssist OS Recovery application to the latest version.
To verify your device is running the remediated version of Dell SupportAssist OS Recovery Plugin, follow below steps:
- Goto Control Panel -> Programs and Features.
- Check the version information for Dell SupportAssist OS Recovery Plugin for Dell Update.
- If version is 5.5.15.1 or later, then your device is running the remediated version.
If the version is lower than 5.5.15.1 version, please follow below steps to install the 5.5.15.1 version or later:
- Launch Dell SupportAssist application from Windows Start menu.
- Click on Update Software in Home page.
- Select the checkbox for “Check for Updates”.
- Latest Dell SupportAssist OS Recovery Plugin for Dell Update will be listed for update
- Click on Start button to install update.
Revision History
|
Revision |
Date |
Description |
|
1.0 |
2026-01-12 |
Initial Release |
Acknowledgements
Dell Technologies would like to thank falconCorrup for reporting these issues.
Related Information
Legal Disclaimer
Affected Products
SupportAssist OS RecoveryArticle Properties
Article Number: 000401506
Article Type: Dell Security Advisory
Last Modified: 12 Jan 2026
Find answers to your questions from other Dell users
Support Services
Check if your device is covered by Support Services.