Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
supportassist vulnerabilities and exploits
(subscribe to this query)
5.5
CVSSv3
CVE-2022-34392
SupportAssist for Home PCs (versions 3.11.4 and prior) contain an insufficient session expiration Vulnerability. An authenticated non-admin user can be able to obtain the refresh token and that leads to reuse the access token and fetch sensitive information.
Dell Supportassist For Home Pcs
7.8
CVSSv3
CVE-2023-48670
Dell SupportAssist for Home PCs version 3.14.1 and prior versions contain a privilege escalation vulnerability in the installer. A local low privileged authenticated attacker may potentially exploit this vulnerability, leading to the execution of arbitrary executable on the oper...
Dell Supportassist For Home Pcs 3.14.2.45116
6.5
CVSSv3
CVE-2021-21571
Dell UEFI BIOS https stack leveraged by the Dell BIOSConnect feature and Dell HTTPS Boot feature contains an improper certificate validation vulnerability. A remote unauthenticated attacker may exploit this vulnerability using a person-in-the-middle attack which may lead to a den...
Dell Alienware M15 R6 Firmware
Dell Chengming 3990 Firmware
Dell Chengming 3991 Firmware
Dell G15 5510 Firmware
Dell G15 5511 Firmware
Dell G3 3500 Firmware
Dell G5 5500 Firmware
Dell G7 7500 Firmware
Dell G7 7700 Firmware
Dell Inspiron 14 5418 Firmware
Dell Inspiron 15 5518 Firmware
Dell Inspiron 15 7510 Firmware
Dell Inspiron 3501 Firmware
Dell Inspiron 3880 Firmware
Dell Inspiron 3881 Firmware
Dell Inspiron 3891 Firmware
Dell Inspiron 5300 Firmware
Dell Inspiron 5301 Firmware
Dell Inspiron 5310 Firmware
Dell Inspiron 5400 2-in-1 Firmware
Dell Inspiron 5400 Aio Firmware
Dell Inspiron 5401 Firmware
2 Articles
7.5
CVSSv3
CVE-2021-21572
Dell BIOSConnect feature contains a buffer overflow vulnerability. An authenticated malicious admin user with local access to the system may potentially exploit this vulnerability to run arbitrary code and bypass UEFI restrictions.
Dell Alienware M15 R6 Firmware
Dell Chengming 3990 Firmware
Dell Chengming 3991 Firmware
Dell G15 5510 Firmware
Dell G15 5511 Firmware
Dell G3 3500 Firmware
Dell G5 5500 Firmware
Dell G7 7500 Firmware
Dell G7 7700 Firmware
Dell Inspiron 14 5418 Firmware
Dell Inspiron 15 5518 Firmware
Dell Inspiron 15 7510 Firmware
Dell Inspiron 3501 Firmware
Dell Inspiron 3880 Firmware
Dell Inspiron 3881 Firmware
Dell Inspiron 3891 Firmware
Dell Inspiron 5300 Firmware
Dell Inspiron 5301 Firmware
Dell Inspiron 5310 Firmware
Dell Inspiron 5400 2-in-1 Firmware
Dell Inspiron 5400 Aio Firmware
Dell Inspiron 5401 Firmware
2 Articles
7.5
CVSSv3
CVE-2021-21573
Dell BIOSConnect feature contains a buffer overflow vulnerability. An authenticated malicious admin user with local access to the system may potentially exploit this vulnerability to run arbitrary code and bypass UEFI restrictions.
Dell Alienware M15 R6 Firmware
Dell Chengming 3990 Firmware
Dell Chengming 3991 Firmware
Dell G15 5510 Firmware
Dell G15 5511 Firmware
Dell G3 3500 Firmware
Dell G5 5500 Firmware
Dell G7 7500 Firmware
Dell G7 7700 Firmware
Dell Inspiron 14 5418 Firmware
Dell Inspiron 15 5518 Firmware
Dell Inspiron 15 7510 Firmware
Dell Inspiron 3501 Firmware
Dell Inspiron 3880 Firmware
Dell Inspiron 3881 Firmware
Dell Inspiron 3891 Firmware
Dell Inspiron 5300 Firmware
Dell Inspiron 5301 Firmware
Dell Inspiron 5310 Firmware
Dell Inspiron 5400 2-in-1 Firmware
Dell Inspiron 5400 Aio Firmware
Dell Inspiron 5401 Firmware
2 Articles
7.5
CVSSv3
CVE-2021-21574
Dell BIOSConnect feature contains a buffer overflow vulnerability. An authenticated malicious admin user with local access to the system may potentially exploit this vulnerability to run arbitrary code and bypass UEFI restrictions.
Dell Alienware M15 R6 Firmware
Dell Chengming 3990 Firmware
Dell Chengming 3991 Firmware
Dell G15 5510 Firmware
Dell G15 5511 Firmware
Dell G3 3500 Firmware
Dell G5 5500 Firmware
Dell G7 7500 Firmware
Dell G7 7700 Firmware
Dell Inspiron 14 5418 Firmware
Dell Inspiron 15 5518 Firmware
Dell Inspiron 15 7510 Firmware
Dell Inspiron 3501 Firmware
Dell Inspiron 3880 Firmware
Dell Inspiron 3881 Firmware
Dell Inspiron 3891 Firmware
Dell Inspiron 5300 Firmware
Dell Inspiron 5301 Firmware
Dell Inspiron 5310 Firmware
Dell Inspiron 5400 2-in-1 Firmware
Dell Inspiron 5400 Aio Firmware
Dell Inspiron 5401 Firmware
2 Articles
NA
CVE-2023-39249
Dell SupportAssist for Business PCs version 3.4.0 contains a local Authentication Bypass vulnerability that allows locally authenticated non-admin users to gain temporary privilege within the SupportAssist User Interface on their respective PC. The Run as Admin temporary privile...
NA
CVE-2023-44283
In Dell SupportAssist for Home PCs (between v3.0 and v3.14.1) and SupportAssist for Business PCs (between v3.0 and v3.4.1), a security concern has been identified, impacting locally authenticated users on their respective PCs. This issue may potentially enable privilege escalati...
NA
CVE-2023-25535
Dell SupportAssist for Home PCs Installer Executable file version before 3.13.2.19 used for initial installation has a high vulnerability that can result in local privilege escalation (LPE). This vulnerability only affects first-time installations done before 8th March 2023
7
CVSSv3
CVE-2018-1214
Dell EMC SupportAssist Enterprise version 1.1 creates a local Windows user account named "OMEAdapterUser" with a default password as part of the installation process. This unnecessary user account also remains even after an upgrade from v1.1 to v1.2. Access to the manag...
Dell Emc Supportassist Enterprise 1.1
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-7028
memory leak
log injection
CVE-2024-3400
CVE-2022-48695
CVE-2022-48675
CVE-2024-34487
CVE-2024-33792
spoof
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3