Allele Security Alert
ASA-2019-00262, CVE-2019-3719, DSA-2019-051
Remote Code Execution Vulnerability
Dell SupportAssist Client
Dell SupportAssist Client versions prior to 22.214.171.124
Dell SupportAssist Client version 126.96.36.199 and later
Proof of concept
Dell SupportAssist Client versions prior to 188.8.131.52 contain a remote code execution vulnerability. An unauthenticated attacker, sharing the network access layer with the vulnerable system, can compromise the vulnerable system by tricking a victim user into downloading and executing arbitrary executables via SupportAssist client from attacker hosted sites.
DSA-2019-051: Dell SupportAssist Client Multiple Vulnerabilities
Remote Code Execution on most Dell computers
Dell SupportAssist RCE Proof of Concept
If there is any error in this alert or you wish a comprehensive analysis, let us know.
Last modified: May 11, 2019