CVE-2022-29092

Опубликовано: 10 июн. 2022

Источник: nvd

CVSS3: 7.8

CVSS2: 7.2

EPSS Низкий

Описание

Dell SupportAssist Client Consumer versions (3.11.0 and versions prior) and Dell SupportAssist Client Commercial versions (3.2.0 and versions prior) contain a privilege escalation vulnerability. A non-admin user can exploit the vulnerability and gain admin access to the system.

Ссылки

https://www.dell.com/support/kbdoc/en-us/000200456/dsa-2022-139-dell-supportassist-for-home-pcs-and-business-pcs-security-update-for-multiple-security-vulnerabilities
Release Notes
Vendor Advisory
https://www.dell.com/support/kbdoc/en-us/000200456/dsa-2022-139-dell-supportassist-for-home-pcs-and-business-pcs-security-update-for-multiple-security-vulnerabilities
Release Notes
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:dell:supportassist_for_business_pcs:*:*:*:*:*:*:*:*

Версия до 3.2.0 (включая)

cpe:2.3:a:dell:supportassist_for_home_pcs:*:*:*:*:*:*:*:*

Версия до 3.11.0 (включая)

EPSS

Процентиль: 17%

0.00054

Низкий

7.8 High

CVSS3

7.2 High

CVSS2

Дефекты

CWE-427

Связанные уязвимости

GHSA-cp6v-m93c-8q82