An Uncontrolled Search Path vulnerability has been discovered in Dell SupportAssist affecting Millions of Business & Home PCs. CVE identifier CVE-2019-12280 has been assigned to this vulnerability. Dell SupportAssist software comes pre-installed on all Dell PCs and this software runs with system-level privileges, which makes an attractive target for an attacker. Dell SupportAssist fails to securely handle DLLs allowing an attacker with regular user permissions to execute arbitrary code with elevated privileges via crafted DLL files in some specific locations.
CVSS v3.0 Severity and Metrics:
Base Score: 6.4 MEDIUM
CVSS v2.0 Severity and Metrics:
Base Score: 9.4 CRITICAL
- Dell SupportAssist for Business PCs version 2.0
- Dell SupportAssist for Home PCs version 3.2.1 and before
To address this vulnerability, the vendor has released version 3.2.2 for Home PCs and 2.0.1 for Business PCs. For more information, please refer to our blog
Use SanerNow platform to apply this critical patch quickly across the organization as shown below.
SanerNow: Vulnerability detection and patching of Dell SupportAssist:
1. Login to SanerNow platform
2. Switch to the account/site specific view and Go to 'VM tool'
3. If your Dell SupportAssist is vulnerable, Saner lists the CVE’s CVE-2019-12280 in 'Top Vulnerabilities' or 'Recently Discovered Vulnerabilities' as shown in the below diagram
4. Search for this vulnerability in VM tool. If you are affected, apply the patch through PM -> Missing Patches
5. Select 'Groups/Devices' in the 'Asset Source' section and click 'Apply'.
6. Select the 'Dell SupportAssist' product from the 'Asset' section as shown in the below diagram.
7. Select 'Apply Selected Patches' at the rightmost corner. This will prompt for 'Creating Patching Task'. Fill in 'Task Name' and 'Remediation Schedule' as per your preference and click on 'Apply Selected Patches' as shown below,
8. Remediation job will be created, which will fix the vulnerabilities by upgrading Dell SupportAssist to 188.8.131.52 (Home PCs)
9. Once remediation is done, the Saner agent automatically scans again and upload the result to SanerNow as shown below,