7.9
CVSSv2

CVE-2019-3719

Published: 18/04/2019 Updated: 13/05/2019
CVSS v2 Base Score: 7.9 | Impact Score: 10 | Exploitability Score: 5.5
CVSS v3 Base Score: 8 | Impact Score: 5.9 | Exploitability Score: 2.1
VMScore: 704
Vector: AV:A/AC:M/Au:N/C:C/I:C/A:C

Vulnerability Summary

Dell SupportAssist Client versions before 3.2.0.90 contain a remote code execution vulnerability. An unauthenticated attacker, sharing the network access layer with the vulnerable system, can compromise the vulnerable system by tricking a victim user into downloading and executing arbitrary executables via SupportAssist client from attacker hosted sites.

Vulnerability Trend

Affected Products

Vendor Product Versions
DellSupportassist-

Github Repositories

Dell SupportAssist RCE Proof of Concept This is the proof of concept source code for CVE-2019-3719, a vulnerability in most of all Dell machines that allowed for remote code execution Usage python3 mainpy [Interface Name] [Victim IP] [Gateway IP] [Payload Filename]

Dell SupportAssist RCE Proof of Concept This is the proof of concept source code for CVE-2019-3719, a vulnerability in most of all Dell machines that allowed for remote code execution Usage python3 mainpy [Interface Name] [Victim IP] [Gateway IP] [Payload Filename]

Dell SupportAssist RCE Proof of Concept This is the proof of concept source code for CVE-2019-3719, a vulnerability in most of all Dell machines that allowed for remote code execution See the blog post here Usage python3 mainpy [Interface Name] [Victim IP] [Gateway IP] [Payload Filename]

Recent Articles

Dell Computers Exposed to RCE Attacks by SupportAssist Flaws
BleepingComputer • Sergiu Gatlan • 01 May 2019

Dell issued a security update to patch a SupportAssist Client software vulnerability which allows potential unauthenticated attackers on the same Network Access layer to remotely execute arbitrary executables on vulnerable computers.
According to Dell's website, the SupportAssist software is "preinstalled on most of all new Dell devices running Windows operating system" and it "proactively checks the health of your system’s hardware and software. When an issue is detected, the necessar...