Security Vulnerabilities fixed in Dell SupportAssist DSA-2020-005
Description
Dell SupportAssist, Dell SupportAssist for PCs, Dell SupportAssist for Home PCs versions 2.0.0 to 2.0.2, 2.1.0 to 2.1.3, 2.2.0 to 2.2.3, 3.0.0 to 3.0.2, 3.1.0, 3.2.0 to 3.2.2, 3.3.0 to 3.3.3, and 3.4.0. In Dell SupportAssist for Business PCs version 2.0.0 to 2.0.2 and 2.1.0 to 2.1.3 have uncontrolled search path vulnerabilities. A locally authenticated low privileged user could exploit this vulnerability to cause the loading of arbitrary DLLs by the SupportAssist binaries, resulting in the privileged execution of arbitrary code.
Affected Applications
Dell SupportAssist for Home PCs
Dell SupportAssist for Business PCs