Privilege escalation in Dell Supportassist For Business Pcs
CVE-2019-3735
Dell SupportAssist for Business PCs version 2.0 and Dell SupportAssist for Home PCs version 2.2, 2.2.1, 2.2.2, 2.2.3, 3.0, 3.0.1, 3.0.2, 3.1, 3.2, and 3.2.1 contain an Improper Privilege Management Vulnerability. A malicious local user can…
Vulnerability class: Privilege Escalation
EPSS: 0.003 (17.1th percentile) — read the EPSS interpretation.
CVSS v3 metric
CVSS v3 base score 7.8 (High). Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H.
Affected products
- Dell Supportassist For Business Pcs — versions 2.0
- Dell Supportassist For Home Pcs — versions 2.2, 2.2.1, 2.2.2, 2.2.3, 3.0, 3.0.1, 3.0.2, 3.1, 3.2, and 3.2.1
- Dell Supportassist_for_business_pcs — versions 2.0
- Dell Supportassist_for_home_pcs — versions 2.2, 2.2.1, 2.2.2
Weakness classification (CWE)
References
- security_alert@emc.com (x_refsource_MISC, Vendor Advisory)
Frequently asked questions
- What is CVE-2019-3735?
- CVE-2019-3735 is a high-severity vulnerability in Dell Supportassist For Business Pcs, classified under Improper Privilege Management. CVSS score: 7.8/10. Published 2019-06-20.
- How severe is CVE-2019-3735?
- High severity. CVSS v3 base score is 7.8 out of 10.