CVE-2023-48670 HIGH

CVE-2023-48670

Vendor Dell
Product SupportAssist Client Consumer
Weakness CWE-426
Published December 22, 2023
Last update February 25, 2026

CVSS base score

7.3/10
Attack vector Local
Attack complexity Low
Privileges required Low
User interaction Required
Confidentiality High
Integrity High

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H

What the vulnerability does

01Description

Dell SupportAssist for Home PCs version 3.14.1 and prior versions contain a privilege escalation vulnerability in the installer. A local low privileged authenticated attacker may potentially exploit this vulnerability, leading to the execution of arbitrary executable on the operating system with elevated privileges.

Key dates

02Disclosure timeline

December 22, 2023 CVE published
February 25, 2026 Record updated