CVE-2025-43991

CVSS 6.3 MEDIUMEPSS 0.1%CWE-61

SupportAssist for Home PCs versions 4.8.2 and prior and SupportAssist for Business PCs versions 4.5.3 and prior, contain an UNIX Symbolic Link (Symlink) following vulnerability. A low privileged attacker with local access to the system could potentially exploit this vulnerability to delete arbitrary files only in that affected system.

CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:H

Produtos afetados

Dell · SupportAssist for Business PCs Dell · SupportAssist for Home PCs

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →

Referências

https://www.dell.com/support/kbdoc/en-us/000378367/dsa-2025-362-security-update-for-dell-supportassist-for-home-pcs-and-dell-supportassist-for-business-pcs-vulnerabilities