VYPR
← All advisories
Unrated severityNVD Advisory· Published Feb 10, 2023· Updated Mar 26, 2025

CVE-2022-34388

CVE-2022-34388

Description

Dell SupportAssist for Home PCs (version 3.11.4 and prior) and  SupportAssist for Business PCs (version 3.2.0 and prior) contain information disclosure vulnerability. A local malicious user with low privileges could exploit this vulnerability to view and modify sensitive information in the database of the affected application.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Dell SupportAssist for Home and Business PCs prior to versions 3.11.5 and 3.2.1 contain a local information disclosure vulnerability allowing low-privileged attackers to view and modify sensitive database information.

Vulnerability

Dell SupportAssist for Home PCs (version 3.11.4 and prior) and SupportAssist for Business PCs (version 3.2.0 and prior) contain an information disclosure vulnerability [1]. The issue resides in the application's database handling, where a local malicious user with low privileges can view and modify sensitive information stored in the database.

Exploitation

An attacker with low-privileged access to the affected system can exploit this vulnerability by accessing the SupportAssist database directly or through the application's functionality, bypassing access controls to read and alter sensitive data. No user interaction or additional privileges beyond low-level access are required.

Impact

Successful exploitation allows the attacker to view and modify sensitive data within the SupportAssist database, potentially including personal information or system configurations. This compromises the confidentiality and integrity of the stored data, though the attacker's privilege level remains low.

Mitigation

Dell has released security updates to address this vulnerability. Users should upgrade SupportAssist for Home PCs to version 3.11.5 or later, and SupportAssist for Business PCs to version 3.2.1 or later, as recommended in the vendor advisory [1]. No workarounds are currently available.

References
  1. DSA-2022-190- Dell SupportAssist for Home and Business PCs Security Update for Multiple Proprietary Code Vulnerabilities.

AI Insight generated on May 25, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.

Affected products

3

Patches

0

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

1

News mentions

0

No linked articles in our index yet.