CVE-2025-36613
Unknown
Unknown - Not Provided
BaseFortify
Publication date: 2025-08-14
Last updated on: 2025-08-18
Assigner: Dell
Description
Description
SupportAssist for Home PCs versions 4.6.3 and prior and SupportAssist for Business PCs versions 4.5.3 and prior, contain(s) an Incorrect Privilege Assignment vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to unauthorized access.
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| dell | supportassist_for_business_pcs | to 4.9.0 (exc) |
| dell | supportassist_for_home_pcs | to 4.8.2.38851 (exc) |
Helpful Resources
Exploitability
CWE
KEV
| CWE ID | Description |
|---|---|
| CWE-266 | A product incorrectly assigns a privilege to a particular actor, creating an unintended sphere of control for that actor. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability is an Incorrect Privilege Assignment in SupportAssist for Home PCs (versions 4.6.3 and prior) and SupportAssist for Business PCs (versions 4.5.3 and prior). It allows a low privileged attacker with local access to potentially exploit the vulnerability, leading to unauthorized access.
How can this vulnerability impact me? :
The vulnerability could allow a low privileged local attacker to gain unauthorized access, which may lead to potential misuse or compromise of the affected system.
Ask Our AI Assistant
Need more information? Ask your question to get an AI reply (Powered by our expertise)
0/70