Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
prionPRIOn knowledge basePRION:CVE-2023-39249
HistoryFeb 14, 2024 - 8:15 a.m.

Authentication flaw

2024-02-1408:15:00
PRIOn knowledge base
www.prio-n.com
3
dell supportassist
business pcs
authentication bypass
local
non-admin
privilege
supportassist user interface
temporary
admin

7.1 High

AI Score

Confidence

Low

0.0004 Low

EPSS

Percentile

9.1%

JSON

Dell SupportAssist for Business PCs version 3.4.0 contains a local Authentication Bypass vulnerability that allows locally authenticated non-admin users to gain temporary privilege within the SupportAssist User Interface on their respective PC. The Run as Admin temporary privilege feature enables IT/System Administrators to perform driver scans and Dell-recommended driver installations without requiring them to log out of the local non-admin user session. However, the granted privilege is limited solely to the SupportAssist User Interface and automatically expires after 15 minutes.

Related

cvelist 1
cve 1
nvd 1
cnvd 1
cvelist
cvelist
CVE-2023-39249
2024-02-14 07:36:06
cve
cve
CVE-2023-39249
2024-02-14 08:15:09
nvd
nvd
CVE-2023-39249
2024-02-14 08:15:09
cnvd
cnvd
Dell SupportAssist for Business PCs Local Authentication Bypass Vulnerability
2024-02-22 00:00:00

7.1 High

AI Score

Confidence

Low

0.0004 Low

EPSS

Percentile

9.1%

JSON
Related for PRION:CVE-2023-39249
cvelist1cve1nvd1cnvd1