The Office of Cybersecurity recently released a warning that Dell’s SupportAssist software contains a set of critical security vulnerabilities, and recommends that systems running affected versions be updated “at the earliest opportunity” (see below for details).
We’ve uploaded content to update out-of-date versions of Dell SupportAssist to the Shared_Fixlets site.
The fixlet is: “DoIT – Update – Dell SupportAssist – 3.2.1.94 (Windows)”
About the Event:
Dell released information regarding two security flaws within the Dell SupportAssist Client.
CVE-2019-3718 was released on April 18th, detailing an improper origin validation vulnerability that allows a remote attacker to perform cross-site request forgery (CSRF) against the client. A proof of concept demonstrating the exploit has also been released.
CVE-2019-3719 was released on April 24th, detailing a vulnerability where an unauthenticated attacker can compromise a system by tricking the user into downloading arbitrary executables via SupportAssist.
Actions to Consider:
The recommended action is to update to Dell SupportAssist Client 3.2.0.90 as all earlier versions are vulnerable.
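As an added example (not part of the notice or the fixlet), the following PowerShell script checks a Windows host for a Dell SupportAssist install older than the fixed version 3.2.0.90 by reading the standard uninstall registry keys; the display-name pattern “Dell SupportAssist*” is an assumption about how the product registers itself.

```powershell
# Added example: flag Dell SupportAssist installs below the fixed version named in
# the advisory (3.2.0.90). Matching on DisplayName "Dell SupportAssist*" is an assumption.
$FixedVersion = [version]'3.2.0.90'

# Both 64-bit and 32-bit (WOW6432Node) uninstall hives, so either install flavour is found.
$UninstallKeys = @(
    'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\*',
    'HKLM:\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\*'
)

function Get-SupportAssistStatus {
    $entries = Get-ItemProperty -Path $UninstallKeys -ErrorAction SilentlyContinue |
        Where-Object { $_.DisplayName -like 'Dell SupportAssist*' }

    if (-not $entries) {
        # Nothing registered: not installed, so not affected by this advisory.
        return [pscustomobject]@{ Installed = $false; Name = $null; Version = $null; Vulnerable = $false }
    }

    foreach ($e in $entries) {
        # DisplayVersion is a string such as "3.1.2.20"; cast to [version] so the comparison
        # is per component (3.2.0.90 > 3.10.0.1 is false) rather than a string comparison.
        $installed = $null
        $parsed = [version]::TryParse($e.DisplayVersion, [ref]$installed)

        [pscustomobject]@{
            Installed  = $true
            Name       = $e.DisplayName
            Version    = $e.DisplayVersion
            # An unparseable or missing version is reported as vulnerable so it gets looked at.
            Vulnerable = (-not $parsed) -or ($installed -lt $FixedVersion)
        }
    }
}

$status = Get-SupportAssistStatus
$status | Format-Table -AutoSize

# Non-zero exit code makes the script usable as a compliance check in scheduling/endpoint tools.
if ($status | Where-Object Vulnerable) { exit 1 } else { exit 0 }
```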
Event Impact:
Dell rates both vulnerabilities as High and recommends upgrading to SupportAssist Client 3.2.0.90 at the earliest opportunity. Most newer Dell computers come with the Dell SupportAssist Client pre-installed, but users of older computers may have downloaded the product to help determine the necessary drivers for their systems.
References:
https://www.dell.com/support/article/us/en/04/sln316857/dsa-2019-051-dell-supportassist-client-multiple-vulnerabilities?lang=en
https://nvd.nist.gov/vuln/detail/CVE-2019-3718
https://nvd.nist.gov/vuln/detail/CVE-2019-3719
https://www.bleepingcomputer.com/news/security/dell-computers-exposed-to-rce-attacks-by-supportassist-flaws/