Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Dell SupportAssist for Business PCs version 3.4.0 contains a local Authentication Bypass vulnerability that allows locally authenticated non-admin users to gain temporary privilege within the SupportAssist User Interface on their respective PC. The Run as Admin temporary privilege feature enables IT/System Administrators to perform driver scans and Dell-recommended driver installations without requiring them to log out of the local non-admin user session. However, the granted privilege is limited solely to the SupportAssist User Interface and automatically expires after 15 minutes.
CVSS Information
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:L
Vulnerability Type
不充分权限或特权的处理不恰当
Vulnerability Title
Dell SupportAssist for Business PCs 安全漏洞
Vulnerability Description
Dell SupportAssist for Business PCs是美国戴尔(Dell)公司的一款适用于企业电脑的客户端应用程序。该程序提供自动化、主动和预测性技术进行故障排除等。 Dell SupportAssist for Business PCs 3.4.0 版本存在安全漏洞,该漏洞源于存在本地身份验证绕过漏洞。
CVSS Information
N/A
Vulnerability Type
N/A