Dell SupportAssist Vulnerability Enables Privilege Escalation on PCs

A critical security vulnerability affects Dell SupportAssist for Home PCs, specifically in installer version 4.0.3.

Dell SupportAssist Vulnerability

CVE-2024-38305 lets local low-privileged attackers escalate their privileges and run arbitrary code with higher permissions.

The vulnerability is located in the installer of Dell SupportAssist, a tool often pre-installed on Dell PCs to monitor system health and assist with troubleshooting. This flaw allows a local attacker with low-level privileges to exploit the system and escalate their access to administrative rights.

As a result, the attacker could execute arbitrary code with elevated permissions, posing a significant security risk. This could enable them to install malware, make unauthorized changes, or otherwise compromise the system’s integrity and security.

The vulnerability has been assigned a CVSS base score of 7.3, reflecting its high severity. It requires local access, meaning an attacker must have authenticated access to the system, even with minimal privileges. Despite the need for local access, the vulnerability can severely impact the affected systems by compromising their integrity and confidentiality.

The issue affects Dell SupportAssist for Home PCs version 4.0.3. Dell has addressed this security flaw in an updated version, 4.3.1. To protect against potential exploitation, users are strongly advised to upgrade to the latest version of the software.

Dell Recommendation

Dell advises all users to update their SupportAssist software to the latest version. If automatic updates are enabled, the software should update itself. Users without automatic updates should manually check for updates in the SupportAssist application.

This isn’t the first vulnerability in Dell SupportAssist; previous issues have also allowed code execution, emphasizing the need to keep the software updated for security. The discovery of CVE-2024-38305 highlights the importance of staying vigilant with software security. Users should promptly update their systems to protect against potential attacks and ensure their devices remain secure.