Allele Security Alert
ASA-2019-00262, CVE-2019-3719, DSA-2019-051
Remote Code Execution Vulnerability
Dell SupportAssist Client
Dell SupportAssist Client versions prior to 18.104.22.168
Dell SupportAssist Client version 22.214.171.124 and later
Proof of concept
Dell SupportAssist Client versions prior to 126.96.36.199 contain a remote code execution vulnerability. An unauthenticated attacker, sharing the network access layer with the vulnerable system, can compromise the vulnerable system by tricking a victim user into downloading and executing arbitrary executables via SupportAssist client from attacker hosted sites.
DSA-2019-051: Dell SupportAssist Client Multiple Vulnerabilities
Remote Code Execution on most Dell computers
Dell SupportAssist RCE Proof of Concept
If there is any error in this alert or you wish a comprehensive analysis, let us know.
Last modified: May 11, 2019