CVE Daily

CVE-2024-52535

Dell SupportAssist for Home PCs versions 4.6.1 and prior and Dell SupportAssist ...

High CVSS 7.1

Overview

Dell SupportAssist for Home PCs versions 4.6.1 and prior and Dell SupportAssist for Business PCs versions 4.5.0 and prior, contain a symbolic link (symlink) attack vulnerability in the software remediation component. A low-privileged authenticated user could potentially exploit this vulnerability, gaining privileges escalation, leading to arbitrary deletion of files and folders from the system.

CWE: CWE-61 Published: 2024-12-25T15:15:07.247
Risk analysis

This vulnerability is rated 🟠 HIGH.

  • CVSS: 7.1 (HIGH)
  • Detected tags: none (tag impact: LOW)

Recommended actions:

  • Prioritize remediation based on business criticality and exposure.
  • Limit exposure and increase monitoring until fixed.

Recommended tools

Tags