Dell released a security update to address a vulnerability, tracked as CVE-2020-5316, in its SupportAssist Client software. The flaw could be exploited by local attackers to execute arbitrary code with Administrator privileges on affected systems.
Dell SupportAssist software is described as a tool that proactively checks the health of system’s hardware and software. When an issue is detected, the necessary system state information is sent to Dell for troubleshooting.
To solve the problems Dell SupportAssist interacts with the Dell Support website and automatically detect Service Tag or Express Service Code of Dell product.
The utility performs hardware diagnostic tests and analyzes the hardware configuration of the system, including installed device drivers, and is able to install missing or available driver updates.
The software leverages a local web service that is protected using the “Access-Control-Allow-Origin” response header and implementing restrictions to accept commands only from the “dell.com” website or its subdomains,
The SupportAssist software is pre-installed on most of all new Dell computers running Windows OS.
“A locally authenticated low privileged user could exploit this vulnerability to cause the loading of arbitrary DLLs by the SupportAssist binaries, resulting in the privileged execution of arbitrary code. “reads the security advisory published by Dell.
The issue is an uncontrolled search path vulnerability that was reported by the security expert Eran Shimony from Cyberark. The CVE-2020-5316, flaw received a high severity CVSSv3 base score of 7.8.
The vulnerability affects the following Dell versions:
• Dell for business PCs version 2.1.3 or earlier
• Dell for home PCs version 3.4 or earlier.
Dell addresses the issue with the release of Dell SupportAssist for business PCs version 2.1.4, Dell SupportAssist for home PCs version 3.4.1.
Dell users urge to update the Dell SupportAssist software on their systems as soon as possible.
All versions of SupportAssist will automatically install the latest released versions if automatic upgrades are enabled, otherwise the steps for a manual update of the client for home PCs are:
For manual update of SupportAssist for business PCs, please refer to the Dell SupportAssist for business PCs deployment guide for deployment instructions.
In May 2019, the security researcher Bill Demirkapi discovered a critical remote code execution vulnerability (CVE-2019-3719) in the Dell SupportAssist utility that could be exploited by hackers to compromise systems remotely.
Demirkapi discovered that it is possible to bypass the protections implemented by Dell and download and execute malicious code from a remote server under the control of the attackers.
[adrotate banner=”9″] | [adrotate banner=”12″] |
(SecurityAffairs – hacking, Dell)
[adrotate banner=”5″]
[adrotate banner=”13″]
China-linked threat actors are preparing cyber attacks against U.S. critical infrastructure warned FBI Director Christopher…
The United Nations Development Programme (UNDP) has initiated an investigation into an alleged ransomware attack…
BlackBerry reported that the financially motivated group FIN7 targeted the IT department of a large…
An international law enforcement operation led to the disruption of the prominent phishing-as-a-service platform LabHost.…
Russia-linked APT Sandworm employed a previously undocumented backdoor called Kapeka in attacks against Eastern Europe since…
Cisco has addressed a high-severity vulnerability in its Integrated Management Controller (IMC) for which publicly…
This website uses cookies.