CVE-2023-44283 HIGH

CVE-2023-44283

Vendor Dell

Product SupportAssist for Home PCs

Weakness CWE-284

Published February 14, 2024

Last update August 14, 2024

View on NVD All CVEs

CVSS base score

7.8/10

Attack vector Local

Attack complexity Low

Privileges required Low

User interaction None

Confidentiality High

Integrity High

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

What the vulnerability does

01Description

In Dell SupportAssist for Home PCs (between v3.0 and v3.14.1) and SupportAssist for Business PCs (between v3.0 and v3.4.1), a security concern has been identified, impacting locally authenticated users on their respective PCs. This issue may potentially enable privilege escalation and the execution of arbitrary code, in the Windows system context, and confined to that specific local PC.

Key dates

02Disclosure timeline

February 14, 2024 CVE published

August 14, 2024 Record updated

External resources

03References

NVD — National Vulnerability Database https://nvd.nist.gov/vuln/detail/CVE-2023-44283 CWE — Common Weakness Enumeration https://cwe.mitre.org/data/definitions/284.html

Related vulnerabilities

Identifiers

CVE CVE-2023-44283

CWE CWE-284

CVSS 7.8 / HIGH

Affected versions

Vendor Dell

Product SupportAssist for Home PCs

Affected ≤ 3.14.1

Vendor Dell

Product SupportAssist for Business PCs

Affected ≤ 3.4.1

CVE-2023-44283

01Description

02Disclosure timeline

03References

04Related CVE