CVE-2022-34387 MEDIUM

CVE-2022-34387

Vendor Dell
Product SupportAssist
Weakness CWE-377
Published February 10, 2023
Last update March 26, 2025

CVSS base score

6.4/10
Attack vector Local
Attack complexity High
Privileges required High
User interaction None
Confidentiality High
Integrity High

CVSS vector

CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H

What the vulnerability does

01Description

Dell SupportAssist for Home PCs (version 3.11.4 and prior) and SupportAssist for Business PCs (version 3.2.0 and prior) contain a privilege escalation vulnerability. A local authenticated malicious user could potentially exploit this vulnerability to elevate privileges and gain total control of the system.

Key dates

02Disclosure timeline

February 10, 2023 CVE published
March 26, 2025 Record updated