PT-2022-19409 · Dell · Dell Supportassist Client Commercial+1

Published

2022-06-10

Updated

2022-06-17

CVE-2022-29092

CVSS v3.1

7.8

High

Vector

AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions Dell SupportAssist Client Consumer versions 3.11.0 and earlier Dell SupportAssist Client Commercial versions 3.2.0 and earlier

Description A privilege escalation issue exists, allowing a non-admin user to gain admin access to the system. This can be exploited by a non-admin user.

Recommendations For Dell SupportAssist Client Consumer versions 3.11.0 and earlier, update to a version later than 3.11.0 to resolve the issue. For Dell SupportAssist Client Commercial versions 3.2.0 and earlier, update to a version later than 3.2.0 to resolve the issue.

Fix

Uncontrolled Search Path Element

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-427

Related Identifiers

CVE-2022-29092

Affected Products

Dell Supportassist Client Commercial

Dell Supportassist Client Consumer

PT-2022-19409 · Dell · Dell Supportassist Client Commercial+1

CVE-2022-29092

Weakness Enumeration

Related Identifiers

Affected Products

References · 6