PT-2023-13370 · Dell · Alienware Update+4

Published

2023-02-10

Updated

2023-02-21

CVE-2022-34384

CVSS v3.1

7.8

High

Vector

AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions Dell SupportAssist Client Consumer versions 3.11.1 and prior Dell SupportAssist Client Commercial versions 3.2 and prior Dell Command | Update versions prior to 4.5 Dell Update versions prior to 4.5 Alienware Update versions prior to 4.5

Description A Local Privilege Escalation issue exists in the Advanced Driver Restore component, allowing a local malicious user to potentially exploit this issue and gain elevated privileges.

Recommendations For Dell SupportAssist Client Consumer versions 3.11.1 and prior, update to a version later than 3.11.1. For Dell SupportAssist Client Commercial versions 3.2 and prior, update to a version later than 3.2. For Dell Command | Update versions prior to 4.5, update to version 4.5 or later. For Dell Update versions prior to 4.5, update to version 4.5 or later. For Alienware Update versions prior to 4.5, update to version 4.5 or later.

Fix

Improper Privilege Management

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-250CWE-269

Related Identifiers

CVE-2022-34384

Affected Products

Alienware Update

Dell Command | Update

Dell Supportassist Client Commercial

Dell Supportassist Client Consumer

Dell Update

PT-2023-13370 · Dell · Alienware Update+4

CVE-2022-34384

Weakness Enumeration

Related Identifiers

Affected Products

References · 4