CVE-2021-36286— Dell SupportAssist Client 后置链接漏洞

N/A

Dell SupportAssist Client Consumer versions 3.9.13.0 and any versions prior to 3.9.13.0 contain an arbitrary file deletion vulnerability that can be exploited by using the Windows feature of NTFS called Symbolic links. Symbolic links can be created by any(non-privileged) user under some object directories, but by themselves are not sufficient to successfully escalate privileges. However, combining them with a different object, such as the NTFS junction point allows for the exploitation. Support assist clean files functionality do not distinguish junction points from the physical folder and proceeds to clean the target of the junction that allows nonprivileged users to create junction points and delete arbitrary files on the system which can be accessed only by the admin.

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H

对路径名的限制不恰当(路径遍历)

Dell SupportAssist Client 后置链接漏洞

Dell SupportAssist Client是美国戴尔（Dell）公司的一款客户端应用程序。该程序提供自动化、主动和预测性技术进行故障排除等。 Dell SupportAssist Client Consumer 中存在后置链接漏洞，该漏洞源于产品允许任何用户在任何目录下创建符号链接。攻击者可通过该漏洞与NTFS junction point结合升级特权并任意删除文件。 以下产品及版本受到影响：Dell SupportAssist Client Consumer 3.9.13.0 版本及之前版本。

N/A

N/A