2 matches found
CVE-2021-36286
Dell SupportAssist Client Consumer versions 3.9.13.0 and any versions prior to 3.9.13.0 contain an arbitrary file deletion vulnerability that can be exploited by using the Windows feature of NTFS called Symbolic links. Symbolic links can be created by anynon-privileged user under some object...
CVE-2021-36286
Dell SupportAssist Client Consumer versions 3.9.13.0 and earlier are affected by an arbitrary file deletion vulnerability tied to NTFS symbolic links and junction points. The clean-files function treats junction points as normal folders, allowing non-privileged users to cause deletion of files ac...