PT-2019-16679 · Dell · Dell Supportassist For Business Pcs+1
Published
2019-06-20
·
Updated
2023-03-04
·
CVE-2019-3735
CVSS v3.1
7.8
High
| Vector | AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
Dell SupportAssist for Business PCs version 2.0
Dell SupportAssist for Home PCs versions 2.2 through 3.2.1
Description
The issue concerns an Improper Privilege Management vulnerability. A malicious local user can exploit this by inheriting a system thread using a leaked thread handle to gain system privileges on the affected machine.
Recommendations
For Dell SupportAssist for Business PCs version 2.0, update to a version that addresses the Improper Privilege Management vulnerability.
For Dell SupportAssist for Home PCs versions 2.2 through 3.2.1, update to a version that addresses the Improper Privilege Management vulnerability.
Fix
Improper Privilege Management
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Dell Supportassist For Business Pcs
Dell Supportassist For Home Pcs