CVE-2024-52535

Published Dec 25, 2024

Last updated a month ago

CVSS high 7.1

Overview

Description
Dell SupportAssist for Home PCs versions 4.6.1 and prior and Dell SupportAssist for Business PCs versions 4.5.0 and prior, contain a symbolic link (symlink) attack vulnerability in the software remediation component. A low-privileged authenticated user could potentially exploit this vulnerability, gaining privileges escalation, leading to arbitrary deletion of files and folders from the system.
Source
security_alert@emc.com
NVD status
Analyzed

Risk scores

CVSS 3.1

Type
Primary
Base score
8.8
Impact score
5.9
Exploitability score
2.8
Vector string
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Severity
HIGH

Weaknesses

security_alert@emc.com
CWE-61
nvd@nist.gov
CWE-59

Social media

Hype score
Not currently trending

  1. CVE-2024-52535 (CVSS:7.1, HIGH) is Awaiting Analysis. Dell SupportAssist for Home PCs versions 4.6.1 and prior and Dell SupportAssist for Business PCs versions 4.5.0 and prio..https://t.co/H1Ah5NZyaE #cybersecurityawareness #cybersecurity #CVE #infosec #hacker #nvd #mitre

    @cracbot

    30 Dec 2024

    3 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  2. CVE-2024-52535 Symlink Attack Vulnerability in Dell SupportAssist Enables Privilege Escalation Dell SupportAssist for Home PCs (up to version 4.6.1) and Dell SupportAssist for Business PCs (up to version 4.5.0) h... https://t.co/EVOhMIHqlp

    @VulmonFeeds

    25 Dec 2024

    56 Impressions

    0 Retweets

    1 Like

    0 Bookmarks

    0 Replies

    0 Quotes

  3. CVE-2024-52535 Dell SupportAssist for Home PCs versions 4.6.1 and prior and Dell SupportAssist for Business PCs versions 4.5.0 and prior, contain a symbolic link (symlink) attack vu… https://t.co/RsssdWvNUY

    @CVEnew

    25 Dec 2024

    523 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

Configurations

References