Vulnerabilities > CVE-2022-34387 - Exposure of Resource to Wrong Sphere vulnerability in Dell products

CVSS 7.8 - HIGH

Attack vector

LOCAL

Attack complexity

LOW

Privileges required

LOW

Confidentiality impact

HIGH

Integrity impact

HIGH

Availability impact

HIGH

local

low complexity

dell

CWE-668

NVD

Published: 2023-02-11

Updated: 2023-11-07

Summary

Dell SupportAssist for Home PCs (version 3.11.4 and prior) and SupportAssist for Business PCs (version 3.2.0 and prior) contain a privilege escalation vulnerability. A local authenticated malicious user could potentially exploit this vulnerability to elevate privileges and gain total control of the system.

Vulnerable Configurations

Part	Description	Count
Application	Dell Dell Supportassist FOR Business PCS 2.0 Dell Supportassist FOR Business PCS 2.0.0 Dell Supportassist FOR Business PCS 2.0.1 Dell Supportassist FOR Business PCS 2.0.2 Dell Supportassist FOR Business PCS 2.1 Dell Supportassist FOR Business PCS 2.1.0 Dell Supportassist FOR Business PCS 2.1.1 Dell Supportassist FOR Business PCS 2.1.2 Dell Supportassist FOR Business PCS 2.1.3 Dell Supportassist FOR Business PCS 2.2.0 Dell Supportassist FOR Business PCS 3.1.1 Dell Supportassist FOR Business PCS 3.2.0 Dell Supportassist FOR Home PCS - Dell Supportassist FOR Home PCS 2.0 Dell Supportassist FOR Home PCS 2.0.1 Dell Supportassist FOR Home PCS 2.0.2 Dell Supportassist FOR Home PCS 2.1 Dell Supportassist FOR Home PCS 2.1.1 Dell Supportassist FOR Home PCS 2.1.2 Dell Supportassist FOR Home PCS 2.1.3 Dell Supportassist FOR Home PCS 2.2 Dell Supportassist FOR Home PCS 2.2.1 Dell Supportassist FOR Home PCS 2.2.2 Dell Supportassist FOR Home PCS 2.2.3 Dell Supportassist FOR Home PCS 3.0 Dell Supportassist FOR Home PCS 3.0.1 Dell Supportassist FOR Home PCS 3.0.2 Dell Supportassist FOR Home PCS 3.1 Dell Supportassist FOR Home PCS 3.2 Dell Supportassist FOR Home PCS 3.2.1 Dell Supportassist FOR Home PCS 3.2.2 Dell Supportassist FOR Home PCS 3.3 Dell Supportassist FOR Home PCS 3.3.1 Dell Supportassist FOR Home PCS 3.3.2 Dell Supportassist FOR Home PCS 3.3.3 Dell Supportassist FOR Home PCS 3.4 Dell Supportassist FOR Home PCS 3.4.0 Dell Supportassist FOR Home PCS 3.5.0 Dell Supportassist FOR Home PCS 3.6.0 Dell Supportassist FOR Home PCS 3.7.0 Dell Supportassist FOR Home PCS 3.8.0 Dell Supportassist FOR Home PCS 3.9.0 Dell Supportassist FOR Home PCS 3.10.4 Dell Supportassist FOR Home PCS 3.11.2 Dell Supportassist FOR Home PCS 3.11.4	45

Common Weakness Enumeration (CWE)

CWE-668 - Exposure of Resource to Wrong Sphere

References

https://www.dell.com/support/kbdoc/000204114