VYPR

SupportAssist Client

by Dell

CVEs (3)

  • CVE-2019-3718HigApr 18, 2019
    risk 0.57cvss 8.8epss 0.01

    Dell SupportAssist Client versions prior to 3.2.0.90 contain an improper origin validation vulnerability. An unauthenticated remote attacker could potentially exploit this vulnerability to attempt CSRF attacks on users of the impacted systems.

  • CVE-2019-3719HigApr 18, 2019
    risk 0.53cvss 8.0epss 0.16

    Dell SupportAssist Client versions prior to 3.2.0.90 contain a remote code execution vulnerability. An unauthenticated attacker, sharing the network access layer with the vulnerable system, can compromise the vulnerable system by tricking a victim user into downloading and…

  • CVE-2021-36297HigSep 28, 2021
    risk 0.51cvss 7.8epss 0.00

    SupportAssist Client version 3.8 and 3.9 contains an Untrusted search path vulnerability that allows attackers to load an arbitrary .dll file via .dll planting/hijacking, only by a separate administrative action that is not a default part of the SOSInstallerTool.exe installation…