PC-Doctor Toolbox prior to 7.3 has an Uncontrolled Search Path Element.
|Vulnerable Product||Search on Vulmon||Subscribe to Product|
dell supportassist for business pcs 2.0.1
dell supportassist for home pcs 3.2.2
If you don't have auto-update switched on, time to patch
Dell has copped to a flaw in SupportAssist – a Windows-based troubleshooting program preinstalled on nearly every one of its newer devices running the OS – that allows local hackers to load malicious files with admin privileges.
The company has issued an advisory about the flaw, warning that a locally authenticated low-privilege user could exploit the vuln to load arbitrary DLLs by the SupportAssist binaries, resulting in the privileged execution of malware.
SupportAssist scans t...
Millions of PCs made by Dell and other OEMs are vulnerable to a flaw stemming from a component in pre-installed SupportAssist software. The flaw could enable a remote attacker to completely takeover affected devices.
The high-severity vulnerability (CVE-2019-12280) stems from a component in SupportAssist, a proactive monitoring software pre-installed on PCs with automatic failure detection and notifications for Dell devices. That component is made by a company called PC-Doctor, which deve...
Can't spell SupportAssist without 'ass' and 'u' – other makers may be hit, too
Dell's troubleshooting software SupportAssist, bundled with the US tech titan's home and business computers, has a security flaw that can be exploited by malware and rogue logged-in users to gain administrator powers.
The Texan system slinger today issued an advisory warning that its PC repair tool suffers a privilege-escalation vulnerability, CVE-2019-12280, and needs patching. We're told Dell SupportAssist for Business PCs version 2.0.1 and Dell SupportAssist for Home PCs version 3.2.2 a...