CVE-2023-44283

EPSS 0.07%
Veröffentlicht 14.02.2024 08:15:09
Zuletzt bearbeitet 21.11.2024 08:25:35
Quelle security_alert@emc.com
Teams Watchlist Login
Unerledigt Login

In Dell SupportAssist for Home PCs (between v3.0 and v3.14.1) and SupportAssist for Business PCs (between v3.0 and v3.4.1), a security concern has been identified, impacting locally authenticated users on their respective PCs. This issue may potentially enable privilege escalation and the execution of arbitrary code, in the Windows system context, and confined to that specific local PC.

Betroffene Produkte Warnungen 0 Metriken 3 CWE 1 Referenzen 4

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Dell ≫ Supportassist For Business Pcs Version >= 3.0 < 3.5.0

Dell ≫ Supportassist For Home Pcs Version >= 3.0 < 3.14.2

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.07%	0.209

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	7.8	1.8	5.9	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
security_alert@emc.com	7.8	1.8	5.9	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CWE-284 Improper Access Control

The product does not restrict or incorrectly restricts access to a resource from an unauthorized actor.

https://www.dell.com/support/kbdoc/en-us/000219086/dsa-2023-401-security-update-for-dell-supportassist-for-home-pcs-and-dell-supportassist-for-business-pcs-user-interface-component

Vendor Advisory

https://nvd.nist.gov/vuln/detail/CVE-2023-44283

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2023-44283

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2023-44283

EUVD