← back
CVE-2019-3735

CVE-2019-3735

CVSS 7 HIGHEPSS 0.3%
Vexday Risk Score
21Low
SSVC decision (CISA)
Track
No exploitation signal → monitor
CVSS 7EPSS 0.3%KEV nãoPoC Nuclei Metasploit Patch
Lifecycle
20 Jun 2019Published on NVD
Recommendation: Monitor — no exploitation signal at the moment.
Dell SupportAssist for Business PCs version 2.0 and Dell SupportAssist for Home PCs version 2.2, 2.2.1, 2.2.2, 2.2.3, 3.0, 3.0.1, 3.0.2, 3.1, 3.2, and 3.2.1 contain an Improper Privilege Management Vulnerability. A malicious local user can exploit this vulnerability by inheriting a system thread using a leaked thread handle to gain system privileges on the affected machine.
CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
Affected products
Dell · Dell SupportAssist for Business PCsDell · Dell SupportAssist for Home PCs

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
http://www.dell.com/support/article/sln317453