Dell SupportAssist for Home PCs Privilege Escalation Vulnerability

A privilege escalation vulnerability has been identified in the Dell SupportAssist for Home PCs Installer executable, affecting versions through 4.8.2.29006. This vulnerability allows a low-privileged attacker with local access to exploit the installer, potentially leading to unauthorized elevation of privileges. The issue is active only during the installation process and does not affect already installed versions of SupportAssist for Home PCs.

Impact

Exploitation of this vulnerability could allow a low-privileged attacker with local access to gain elevated privileges on the system.

Remediation

Users do not need to take any action if they have SupportAssist for Home PCs already installed. The vulnerability has been addressed in SupportAssistInstaller.exe version 4.8.2.38851, which is now being deployed to systems in production. This update will apply to new installations and future upgrades of SupportAssist for Home PCs.