CVE-2025-38738

Medium CVSS 6.7

Overview

SupportAssist for Home PCs Installer exe version(s) 4.8.2.29006 and prior, contain(s) an Incorrect Privilege Assignment vulnerability in the Installer. A low privileged attacker with local access could potentially exploit this vulnerability, leading to elevation of privileges.

CWE: CWE-266 Published: 2025-08-14T15:15:33.943

Risk analysis

This vulnerability is rated 🟡 MEDIUM.

CVSS: 6.7 (MEDIUM)
Detected tags: priv_esc (tag impact: HIGH)

Recommended actions:

Fix privilege escalation urgently.
Enforce least-privilege and strengthen EDR detection.

Overview

Recommended tools

Tags