CVE-2025-36613

Low CVSS 2.8

Overview

SupportAssist for Home PCs versions 4.6.3 and prior and SupportAssist for Business PCs versions 4.5.3 and prior, contain(s) an Incorrect Privilege Assignment vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to unauthorized access.

CWE: CWE-266 Published: 2025-08-14T15:15:33.773

Risk analysis

This vulnerability is rated 🟢 LOW.

CVSS: 2.8 (LOW)
Detected tags: unauth_access (tag impact: HIGH)

Recommended actions:

Enforce authentication/authorization; reduce default endpoint exposure.

Overview

Recommended tools

Tags