Vulnerabilities (CVE)

Join the Common Vulnerabilities and Exposures (CVE) community and start to get notified about new vulnerabilities.

Filtered by vendor Dell Subscribe
Filtered by product Supportassist For Business Pcs
Total 14 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2019-3735 1 Dell 2 Supportassist For Business Pcs, Supportassist For Home Pcs 2023-03-03 7.2 HIGH 7.8 HIGH
Dell SupportAssist for Business PCs version 2.0 and Dell SupportAssist for Home PCs version 2.2, 2.2.1, 2.2.2, 2.2.3, 3.0, 3.0.1, 3.0.2, 3.1, 3.2, and 3.2.1 contain an Improper Privilege Management Vulnerability. A malicious local user can exploit this vulnerability by inheriting a system thread using a leaked thread handle to gain system privileges on the affected machine.
CVE-2022-34384 1 Dell 5 Alienware Update, Command Update, Supportassist For Business Pcs and 2 more 2023-02-21 N/A 7.8 HIGH
Dell SupportAssist Client Consumer (version 3.11.1 and prior), SupportAssist Client Commercial (version 3.2 and prior), Dell Command | Update, Dell Update, and Alienware Update versions before 4.5 contain a Local Privilege Escalation Vulnerability in the Advanced Driver Restore component. A local malicious user may potentially exploit this vulnerability, leading to privilege escalation.
CVE-2022-34386 1 Dell 2 Supportassist For Business Pcs, Supportassist For Home Pcs 2023-02-21 N/A 5.5 MEDIUM
Dell SupportAssist for Home PCs (version 3.11.4 and prior) and SupportAssist for Business PCs (version 3.2.0 and prior) contain cryptographic weakness vulnerability. An authenticated non-admin user could potentially exploit the issue and obtain sensitive information.
CVE-2022-34385 1 Dell 2 Supportassist For Business Pcs, Supportassist For Home Pcs 2023-02-21 N/A 5.5 MEDIUM
SupportAssist for Home PCs (version 3.11.4 and prior) and SupportAssist for Business PCs (version 3.2.0 and prior) contain cryptographic weakness vulnerability. An authenticated non-admin user could potentially exploit the issue and obtain sensitive information.
CVE-2022-34387 1 Dell 2 Supportassist For Business Pcs, Supportassist For Home Pcs 2023-02-21 N/A 7.8 HIGH
Dell SupportAssist for Home PCs (version 3.11.4 and prior) and SupportAssist for Business PCs (version 3.2.0 and prior) contain a privilege escalation vulnerability. A local authenticated malicious user could potentially exploit this vulnerability to elevate privileges and gain total control of the system.
CVE-2022-34388 1 Dell 2 Supportassist For Business Pcs, Supportassist For Home Pcs 2023-02-21 N/A 7.1 HIGH
Dell SupportAssist for Home PCs (version 3.11.4 and prior) and SupportAssist for Business PCs (version 3.2.0 and prior) contain information disclosure vulnerability. A local malicious user with low privileges could exploit this vulnerability to view and modify sensitive information in the database of the affected application.
CVE-2022-34389 1 Dell 2 Supportassist For Business Pcs, Supportassist For Home Pcs 2023-02-21 N/A 5.3 MEDIUM
Dell SupportAssist contains a rate limit bypass issues in screenmeet API third party component. An unauthenticated attacker could potentially exploit this vulnerability and impersonate a legitimate dell customer to a dell support technician.
CVE-2022-29092 1 Dell 2 Supportassist For Business Pcs, Supportassist For Home Pcs 2022-06-17 7.2 HIGH 7.8 HIGH
Dell SupportAssist Client Consumer versions (3.11.0 and versions prior) and Dell SupportAssist Client Commercial versions (3.2.0 and versions prior) contain a privilege escalation vulnerability. A non-admin user can exploit the vulnerability and gain admin access to the system.
CVE-2022-29093 1 Dell 2 Supportassist For Business Pcs, Supportassist For Home Pcs 2022-06-17 3.6 LOW 7.1 HIGH
Dell SupportAssist Client Consumer versions (3.10.4 and versions prior) and Dell SupportAssist Client Commercial versions (3.1.1 and versions prior) contain an arbitrary file deletion vulnerability. Authenticated non-admin user could exploit the issue and delete arbitrary files on the system.
CVE-2022-29095 1 Dell 2 Supportassist For Business Pcs, Supportassist For Home Pcs 2022-06-17 7.6 HIGH 9.6 CRITICAL
Dell SupportAssist Client Consumer versions (3.10.4 and prior) and Dell SupportAssist Client Commercial versions (3.1.1 and prior) contain a cross-site scripting vulnerability. A remote unauthenticated malicious user could potentially exploit this vulnerability under specific conditions leading to execution of malicious code on a vulnerable system.
CVE-2022-29094 1 Dell 2 Supportassist For Business Pcs, Supportassist For Home Pcs 2022-06-17 3.6 LOW 7.1 HIGH
Dell SupportAssist Client Consumer versions (3.10.4 and versions prior) and Dell SupportAssist Client Commercial versions (3.1.1 and versions prior) contain an arbitrary file deletion/overwrite vulnerability. Authenticated non-admin user could exploit the issue and delete or overwrite arbitrary files on the system.
CVE-2020-5316 1 Dell 2 Supportassist For Business Pcs, Supportassist For Home Pcs 2021-08-02 4.6 MEDIUM 7.8 HIGH
Dell SupportAssist for Business PCs versions 2.0, 2.0.1, 2.0.2, 2.1, 2.1.1, 2.1.2, 2.1.3 and Dell SupportAssist for Home PCs version 2.0, 2.0.1, 2.0.2, 2.1, 2.1.1, 2.1.2, 2.1.3, 2.2, 2.2.1, 2.2.2, 2.2.3, 3.0, 3.0.1, 3.0.2, 3.1, 3.2, 3.2.1, 3.2.2, 3.3, 3.3.1, 3.3.2, 3.3.3, 3.4 contain an uncontrolled search path vulnerability. A locally authenticated low privileged user could exploit this vulnerability to cause the loading of arbitrary DLLs by the SupportAssist binaries, resulting in the privileged execution of arbitrary code.
CVE-2021-21518 1 Dell 3 Supportassist Client Promanage, Supportassist For Business Pcs, Supportassist For Home Pcs 2021-03-19 7.2 HIGH 7.8 HIGH
Dell SupportAssist Client for Consumer PCs versions 3.7.x, 3.6.x, 3.4.x, 3.3.x, Dell SupportAssist Client for Business PCs versions 2.0.x, 2.1.x, 2.2.x, and Dell SupportAssist Client ProManage 1.x contain a DLL injection vulnerability in the Costura Fody plugin. A local user with low privileges could potentially exploit this vulnerability, leading to the execution of arbitrary executable on the operating system with SYSTEM privileges.
CVE-2019-12280 2 Dell, Pc-doctor 3 Supportassist For Business Pcs, Supportassist For Home Pcs, Toolbox 2019-06-26 6.8 MEDIUM 7.8 HIGH
PC-Doctor Toolbox before 7.3 has an Uncontrolled Search Path Element.