This vulnerability is widespread and can affect any system using the Dell SupportAssist Client. End users and small businesses are highly impacted.
In order to exploit this vulnerability, an attacker must be able to access the system. After being able to access the system, an attacker can exploit the vulnerability to gain local or remote admin access.
Assigning rights to a user or group of users that are not allowed to perform a certain action on the system (such as install software or change system settings) can potentially increase the risk of a successful exploit. When configuring the installation of software, such as Dell SupportAssist Client, it is best practice to assign Read rights to the group or user.
Dell SupportAssist Client CVE 2017-4223
Dell SupportAssist Client is a software tool used by IT professionals and end users to monitor and manage software installations in a Windows-based computer. Dell SupportAssist Client is vulnerable to a remote code execution vulnerability that can result in local or remote access of the system.
More specifically, the vulnerability allows an attacker to execute arbitrary code on the system from any LDAP server (LDAP://) and execute arbitrary commands with high privilege.
If users are logged into the system when exploitation occurs, they may be exposed to malicious actions. Unfortunately, there is no patch currently available for this vulnerability.
Description of the vulnerability
Dell SupportAssist Client is a software program that allows users to view and interact with the computer remotely. The program was released in December of 2006 and has been the target of many different vulnerabilities. This is due to the low security levels of this program and the lack of updates released on it.
An attacker can easily exploit this vulnerability by accessing the system, then using a series of steps to gain admin privileges. Once they have access, they can perform any action on the system that they are allowed as an administrator user.
This vulnerability is widespread and affects all Dell systems containing this software. It is important to keep in mind that if you are running Dell SupportAssist Client on your system, there is risk for exploitation.
Dell SupportAssist Client Vulnerable
Dell SupportAssist Client is a software designed to make it easier for end users and small businesses to obtain Dell support. The software allows users to access support information, receive assistance with resolving issues, and ask questions of Dell staff. This software is made available on Dell’s website and can also be found in the Windows registry.
An attacker can exploit this vulnerability by accessing the system and running some commands on the local machine or by running remote commands on the target user's computer. The vulnerability is not restricted to one type of service or function; however, it is possible that attackers could exploit this vulnerability to gain local administrative privileges on the system and perform malicious operations without being detected by antivirus software.
Dell SupportAssist Client Vulnerability Confirmed by Dell
Dell is aware of a vulnerability in the Dell SupportAssist Client (DSAC). The vulnerability, CVE-2022-29092, the details of which are described below, may allow an attacker to gain access to systems running DSAC.
Dell has confirmed that this vulnerability exists with this release by including it in the Severity field and assigning it a value of High.
Timeline
Published on: 06/10/2022 20:15:00 UTC
Last modified on: 06/17/2022 16:30:00 UTC