CVE-2023-44283

EPSS 0.07%
Published 14.02.2024 08:15:09
Last modified 21.11.2024 08:25:35
Source security_alert@emc.com
Teams watchlist Login
Open Login

In Dell SupportAssist for Home PCs (between v3.0 and v3.14.1) and SupportAssist for Business PCs (between v3.0 and v3.4.1), a security concern has been identified, impacting locally authenticated users on their respective PCs. This issue may potentially enable privilege escalation and the execution of arbitrary code, in the Windows system context, and confined to that specific local PC.

Affected products Warnungen 0 Metrics 3 CWE 1 References 4

Data is provided by the National Vulnerability Database (NVD)

Dell ≫ Supportassist For Business Pcs Version >= 3.0 < 3.5.0

Dell ≫ Supportassist For Home Pcs Version >= 3.0 < 3.14.2

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	0.07%	0.209

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string
nvd@nist.gov	7.8	1.8	5.9	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
security_alert@emc.com	7.8	1.8	5.9	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CWE-284 Improper Access Control

The product does not restrict or incorrectly restricts access to a resource from an unauthorized actor.

https://www.dell.com/support/kbdoc/en-us/000219086/dsa-2023-401-security-update-for-dell-supportassist-for-home-pcs-and-dell-supportassist-for-business-pcs-user-interface-component

Vendor Advisory

https://nvd.nist.gov/vuln/detail/CVE-2023-44283

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2023-44283

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2023-44283

EUVD