Dell Supportassist For Home Pcs
By the Year
In 2022 there have been 0 vulnerabilities in Dell Supportassist For Home Pcs . Last year Supportassist For Home Pcs had 3 security vulnerabilities published. Right now, Supportassist For Home Pcs is on track to have less security vulnerabilities in 2022 than it did last year.
| Year | Vulnerabilities | Average Score |
|---|---|---|
| 2022 | 0 | 0.00 |
| 2021 | 3 | 7.80 |
| 2020 | 0 | 0.00 |
| 2019 | 2 | 7.80 |
| 2018 | 0 | 0.00 |
It may take a day or so for new Supportassist For Home Pcs vulnerabilities to show up in the stats or in the list of recent security vulnerabilties. Additionally vulnerabilities may be tagged under a different product or component name.
Recent Dell Supportassist For Home Pcs Security Vulnerabilities
SupportAssist Client version 3.8 and 3.9 contains an Untrusted search path vulnerability
CVE-2021-36297
7.8 - High
- September 28, 2021
SupportAssist Client version 3.8 and 3.9 contains an Untrusted search path vulnerability that allows attackers to load an arbitrary .dll file via .dll planting/hijacking, only by a separate administrative action that is not a default part of the SOSInstallerTool.exe installation for executing arbitrary dll's,
Untrusted Path
Dell SupportAssist for Business PCs versions 2.0
CVE-2020-5316
7.8 - High
- July 22, 2021
Dell SupportAssist for Business PCs versions 2.0, 2.0.1, 2.0.2, 2.1, 2.1.1, 2.1.2, 2.1.3 and Dell SupportAssist for Home PCs version 2.0, 2.0.1, 2.0.2, 2.1, 2.1.1, 2.1.2, 2.1.3, 2.2, 2.2.1, 2.2.2, 2.2.3, 3.0, 3.0.1, 3.0.2, 3.1, 3.2, 3.2.1, 3.2.2, 3.3, 3.3.1, 3.3.2, 3.3.3, 3.4 contain an uncontrolled search path vulnerability. A locally authenticated low privileged user could exploit this vulnerability to cause the loading of arbitrary DLLs by the SupportAssist binaries, resulting in the privileged execution of arbitrary code.
DLL preloading
Dell SupportAssist Client for Consumer PCs versions 3.7.x
CVE-2021-21518
7.8 - High
- March 12, 2021
Dell SupportAssist Client for Consumer PCs versions 3.7.x, 3.6.x, 3.4.x, 3.3.x, Dell SupportAssist Client for Business PCs versions 2.0.x, 2.1.x, 2.2.x, and Dell SupportAssist Client ProManage 1.x contain a DLL injection vulnerability in the Costura Fody plugin. A local user with low privileges could potentially exploit this vulnerability, leading to the execution of arbitrary executable on the operating system with SYSTEM privileges.
DLL preloading
PC-Doctor Toolbox before 7.3 has an Uncontrolled Search Path Element.
CVE-2019-12280
7.8 - High
- June 25, 2019
PC-Doctor Toolbox before 7.3 has an Uncontrolled Search Path Element.
DLL preloading
Dell SupportAssist for Business PCs version 2.0 and Dell SupportAssist for Home PCs version 2.2
CVE-2019-3735
7.8 - High
- June 20, 2019
Dell SupportAssist for Business PCs version 2.0 and Dell SupportAssist for Home PCs version 2.2, 2.2.1, 2.2.2, 2.2.3, 3.0, 3.0.1, 3.0.2, 3.1, 3.2, and 3.2.1 contain an Improper Privilege Management Vulnerability. A malicious local user can exploit this vulnerability by inheriting a system thread using a leaked thread handle to gain system privileges on the affected machine.
Improper Privilege Management
Stay on top of Security Vulnerabilities
Want an email whenever new vulnerabilities are published for Dell Supportassist For Home Pcs or by Dell? Click the Watch button to subscribe.
