Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
7.8
CVSSv3

CVE-2020-5316

Published: 22/07/2021 Updated: 02/08/2021
CVSS v2 Base Score: 4.6 | Impact Score: 6.4 | Exploitability Score: 3.9
CVSS v3 Base Score: 7.8 | Impact Score: 5.9 | Exploitability Score: 1.8
VMScore: 409
Vector: AV:L/AC:L/Au:N/C:P/I:P/A:P
Subscribe to Supportassist For Business Pcs

Vulnerability Summary

Dell SupportAssist for Business PCs versions 2.0, 2.0.1, 2.0.2, 2.1, 2.1.1, 2.1.2, 2.1.3 and Dell SupportAssist for Home PCs version 2.0, 2.0.1, 2.0.2, 2.1, 2.1.1, 2.1.2, 2.1.3, 2.2, 2.2.1, 2.2.2, 2.2.3, 3.0, 3.0.1, 3.0.2, 3.1, 3.2, 3.2.1, 3.2.2, 3.3, 3.3.1, 3.3.2, 3.3.3, 3.4 contain an uncontrolled search path vulnerability. A locally authenticated low privileged user could exploit this vulnerability to cause the loading of arbitrary DLLs by the SupportAssist binaries, resulting in the privileged execution of arbitrary code.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

dell supportassist for business pcs 2.0

dell supportassist for business pcs 2.0.1

dell supportassist for business pcs 2.0.2

dell supportassist for business pcs 2.1

dell supportassist for business pcs 2.1.1

dell supportassist for business pcs 2.1.2

dell supportassist for business pcs 2.1.3

dell supportassist for home pcs 2.0

dell supportassist for home pcs 2.0.1

dell supportassist for home pcs 2.0.2

dell supportassist for home pcs 2.1

dell supportassist for home pcs 2.1.1

dell supportassist for home pcs 2.1.2

dell supportassist for home pcs 2.1.3

dell supportassist for home pcs 2.2

dell supportassist for home pcs 2.2.1

dell supportassist for home pcs 2.2.2

dell supportassist for home pcs 2.2.3

dell supportassist for home pcs 3.0

dell supportassist for home pcs 3.0.1

dell supportassist for home pcs 3.0.2

dell supportassist for home pcs 3.1

dell supportassist for home pcs 3.2

dell supportassist for home pcs 3.2.1

dell supportassist for home pcs 3.2.2

dell supportassist for home pcs 3.3

dell supportassist for home pcs 3.3.1

dell supportassist for home pcs 3.3.2

dell supportassist for home pcs 3.3.3

dell supportassist for home pcs 3.4

Recent Articles

Tens of millions of biz Dell PCs smacked by privilege-escalation bug in bundled troubleshooting tool
The Register • Laurie Clarke • 11 Feb 2020

If you don't have auto-update switched on, time to patch Millions of Windows Dell PCs need patching: Give-me-admin security gremlin found lurking in bundled support tool

Dell has copped to a flaw in SupportAssist – a Windows-based troubleshooting program preinstalled on nearly every one of its newer devices running the OS – that allows local hackers to load malicious files with admin privileges. The company has issued an advisory about the vulnerability, warning that a locally authenticated low-privilege user could exploit the bug to load arbitrary DLLs by the SupportAssist binaries, resulting in the privileged execution of malware. SupportAssist scans the s...

Read more...

References

CWE-427http://www.dell.com/support/article/SLN320101https://nvd.nist.govhttps://www.theregister.co.uk/2020/02/11/dell_supportassist_flaw/
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
XXECVE-2024-34490SQL injectionCVE-2024-34488CVE-2024-4507CVE-2023-7028CVE-2024-23187TCPCVE-2024-4439
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook