News

In the utility that is by default installed on Dell computers found serious vulnerability

In Dell SupportAssist utility, that serves for debugging, diagnostic and automatic drivers’ updates is found serious vulnerability (CVE-2019-3719).

It allows remotely perform a code with administrator’s privileges on Dell computers and laptops.

According to experts’ assessments, issue involves significant number of devices, as Dell SupportAssist instrument installed on all Dell’s PCs and laptops that are supplied with Windows (systems that are sold without OS are nor sensitive to vulnerability).

“When we think of Remote Code Execution (RCE) vulnerabilities in mass, we might think of vulnerabilities in the operating system, but another attack vector to consider is “What third-party software came with my PC?”, — warns cybersecurity researcher Bill Demirkapi that discovered a bug.

According to his words, in certain conditions CVE-2019-3719 opens opportunity to intercept control over vulnerable devices. For doing so, intruders have only to lure the victim on the malware web-site that contains JavaScript which makes Dell SupportAssist download and start malware files on a system.

As instruments work with administrator’s rights, attacker will get full access to targeted device.

“When I was learning more about how Dell SupportAssist works, I intercepted different types of requests from Dell’s support site”, — said Bill Demirkapi.

As researcher explained, for having opportunity of remote code performing, intruder have to exercise ARP– and DNS- spoofing attacks on victim’s computer.

Demirkapi presents two possible scenarios: first suggest access to public Wi-Fi networks or large corporate networks, where at least one device can be used for ARP– and DNS– spoofing attacks while second scenario suggests compromising of local router and modification of DNS-traffic directly on the device.

Demirkapi published on GitHub PoC-code for exploitation of vulnerability and presented a video that demonstrates attack in action.

Dell company has already fixed vulnerability with launching of new Dell SupportAssist 3.2.0.90 version, owners of vulnerable Dell devices are advised to install it as soon as possible.

Source: https://d4stiny.github.io

Polina Lisovskaya

I works as a marketing manager for years now and loves searching for interesting topics for you

Recent Posts

Remove Pbmsoultions.com Pop-up Ads

About Pbmsoultions.com Pbmsoultions.com pop-ups can not launch out of the blue. If you have actually…

1 day ago

Remove Prizestash.com Pop-up Ads

About Prizestash.com Prizestash.com pop-ups can not expose out of the blue. If you have actually…

1 day ago

Remove Verifiedbreaking.com Pop-up Ads

About Verifiedbreaking.com Verifiedbreaking.com pop-ups can not launch out of nowhere. If you have actually clicked…

1 day ago

Remove Themoneyminutes.com Pop-up Ads

About Themoneyminutes.com Themoneyminutes.com pop-ups can not launch out of the blue. If you have actually…

1 day ago

Remove News-xcidizi.com Pop-up Ads

About News-xcidizi.com News-xcidizi.com pop-ups can not introduce out of nowhere. If you have clicked some…

1 day ago

Remove Everytraffic-flow.com Pop-up Ads

About Everytraffic-flow.com Everytraffic-flow.com pop-ups can not launch out of nowhere. If you have actually clicked…

1 day ago