CVE-2023-44283

In Dell SupportAssist for Home PCs (between v3.0 and v3.14.1) and SupportAssist for Business PCs (between v3.0 and v3.4.1), a security concern has been identified, impacting locally authenticated users on their respective PCs. This issue may potentially enable privilege escalation and the execution of arbitrary code, in the Windows system context, and confined to that specific local PC.
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:dell:supportassist_for_business_pcs:*:*:*:*:*:*:*:*
cpe:2.3:a:dell:supportassist_for_home_pcs:*:*:*:*:*:*:*:*

History

17 Oct 2024, 14:29

Type Values Removed Values Added
CPE cpe:2.3:a:dell:supportassist_for_business_pcs:*:*:*:*:*:*:*:*
cpe:2.3:a:dell:supportassist_for_home_pcs:*:*:*:*:*:*:*:*
References () https://www.dell.com/support/kbdoc/en-us/000219086/dsa-2023-401-security-update-for-dell-supportassist-for-home-pcs-and-dell-supportassist-for-business-pcs-user-interface-component - () https://www.dell.com/support/kbdoc/en-us/000219086/dsa-2023-401-security-update-for-dell-supportassist-for-home-pcs-and-dell-supportassist-for-business-pcs-user-interface-component - Vendor Advisory
Summary
  • (es) En Dell SupportAssist para PC domésticas (entre v3.0 y v3.14.1) y SupportAssist para PC empresariales (entre v3.0 y v3.4.1), se identificó un problema de seguridad que afecta a los usuarios autenticados localmente en sus respectivas PC. Este problema puede permitir potencialmente la escalada de privilegios y la ejecución de código arbitrario, en el contexto del sistema Windows y limitado a esa PC local específica.
CWE NVD-CWE-noinfo
First Time Dell
Dell supportassist For Home Pcs
Dell supportassist For Business Pcs

14 Feb 2024, 13:59

Type Values Removed Values Added
New CVE

Information

Published : 2024-02-14 08:15

Updated : 2024-10-17 14:29


NVD link : CVE-2023-44283

Mitre link : CVE-2023-44283

CVE.ORG link : CVE-2023-44283


JSON object : View

Products Affected

dell

  • supportassist_for_business_pcs
  • supportassist_for_home_pcs
CWE
NVD-CWE-noinfo CWE-284

Improper Access Control