Learn about CVE-2019-3735 affecting Dell SupportAssist for Business and Home PCs. Discover the impact, affected versions, and mitigation steps for this privilege escalation vulnerability.
Dell SupportAssist for Business PCs version 2.0 and Dell SupportAssist for Home PCs versions 2.2, 2.2.1, 2.2.2, 2.2.3, 3.0, 3.0.1, 3.0.2, 3.1, 3.2, and 3.2.1 are affected by an improper privilege management vulnerability. A local user can exploit leaked thread handles to gain system privileges on the affected machine.
Understanding CVE-2019-3735
This CVE involves a privilege escalation vulnerability in Dell SupportAssist software.
What is CVE-2019-3735?
The vulnerability in Dell SupportAssist for Business and Home PCs allows a local user to elevate privileges by exploiting leaked thread handles.
The Impact of CVE-2019-3735
The vulnerability has a CVSS base score of 7 (High severity), with significant impact on the confidentiality, integrity, and availability of affected systems.
Technical Details of CVE-2019-3735
This section provides detailed technical information about the CVE.
Vulnerability Description
The vulnerability involves improper privilege management in Dell SupportAssist software, enabling unauthorized users to gain elevated system privileges.
Affected Systems and Versions
Exploitation Mechanism
A local user can exploit leaked thread handles to inherit system threads and escalate privileges on the affected Dell SupportAssist installations.
Mitigation and Prevention
Protect your systems from CVE-2019-3735 with the following measures:
Immediate Steps to Take
Long-Term Security Practices
Patching and Updates