A critical security vulnerability has been identified in Dell’s SupportAssist for Home PCs, specifically affecting the installer executable version 4.0.3.
This flaw, tracked as CVE-2024-38305, allows local low-privileged authenticated attackers to escalate their privileges, potentially leading to the execution of arbitrary executables with elevated permissions on the operating system.
The vulnerability exists within the installer of Dell SupportAssist, a tool commonly pre-installed on Dell PCs to monitor system health and facilitate troubleshooting.
The flaw permits a local attacker with minimal privileges to exploit the system, enabling them to execute arbitrary code with high-level administrative rights.
This poses a significant security risk, as it could allow malicious actors to install malware or make unauthorized changes to the system.
Free Webinar on Detecting & Blocking Supply Chain Attack -> Book your Spot
The vulnerability has been assigned a CVSS base score of 7.3, indicating a high severity level. The attack vector is local, requiring the attacker to have authenticated access to the system, albeit with low privileges.
Despite the need for local access, the potential impact of this vulnerability is substantial, as it compromises the integrity and confidentiality of the affected systems.
The issue affects Dell SupportAssist for Home PCs version 4.0.3. Dell has released an updated version, 4.3.1, which addresses this security flaw. Users are strongly advised to update their software to the latest version to mitigate the risk of exploitation.
Dell recommends that all users ensure their SupportAssist software is updated to the latest version. For those with automatic updates enabled, the software should update itself.
Users who do not have automatic updates enabled should manually check for updates through the SupportAssist application.
This is not the first time Dell SupportAssist has been found vulnerable. Previous vulnerabilities have also allowed attackers to execute arbitrary code, highlighting the importance of keeping such software up to date to protect against potential security threats.
The discovery of CVE-2024-38305 underscores the ongoing need for vigilance in software security, particularly for widely used applications like Dell SupportAssist. Users are urged to update their systems promptly to safeguard against potential attacks and maintain the security of their devices.
Are you from SOC and DFIR Teams? Analyse Malware Incidents & get live Access with ANY.RUN -> Get 14 Days Free Access