CVE-2022-34384

Vulnerability

A local privilege escalation vulnerability exists in the Advanced Driver Restore component of Dell SupportAssist Client Consumer (version 3.11.1 and prior), SupportAssist Client Commercial (version 3.2 and prior), Dell Command | Update, Dell Update, and Alienware Update versions before 4.5 [1]. The vulnerability is classified as a privilege escalation issue where a local malicious user can exploit it to gain higher privileges on the system [1]. Affected versions include SupportAssist Client Consumer up to 3.11.1, SupportAssist Client Commercial up to 3.2, and Dell Command | Update, Dell Update, and Alienware Update before version 4.5 [1].

Exploitation

The attacker must have local access to the system with low privileges [1]. No user interaction is required beyond initial access, and the attack complexity is low [1]. The attacker can exploit the Advanced Driver Restore component to perform operations that lead to privilege escalation [1]. The exact steps are not publicly detailed, but the vulnerability is locally exploitable without authentication beyond existing user privileges [1].

Impact

Successful exploitation allows a local malicious user to achieve privilege escalation, potentially gaining full control of the system [1]. The CVSS vector indicates a high impact on confidentiality, integrity, and availability, with a base score of 7.8 (CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H) [1]. This means an attacker can read, modify, or delete sensitive data and disrupt system operations.

Mitigation

Dell released a security update as documented in DSA-2022-190 [1]. Users should update SupportAssist Client Consumer to version 3.12.0 or later, SupportAssist Client Commercial to version 3.3.0 or later, and Dell Command | Update, Dell Update, and Alienware Update to version 4.5 or later [1]. No workarounds are provided; applying the latest updates is the recommended mitigation [1].