Published on: 02 May 2019
Dell released a security update to address multiple vulnerabilities in Dell SupportAssist Client, which is installed on some Dell devices. A local unauthenticated attacker could exploit the vulnerabilities by enticing a user to download arbitrary executables from sites controlled by the attacker.
The researcher who discovered the remote code execution vulnerability (CVE-2019-3719) has recently released proof-of-concept, but fully working, exploit code on the Internet. Users are advised to take immediate action to patch their affected systems to mitigate the elevated risk of cyber attacks.
Successful exploitation of the vulnerabilities could lead to remote code execution on an affected system.
Dell has released new versions of the product to address the vulnerabilities. The new versions can be obtained from the following URL:
https://downloads.dell.com/serviceability/Catalog/SupportAssistInstaller.exe
Users of affected systems should follow the recommendations provided by the product vendor and take immediate action to mitigate the risk.
https://www.dell.com/support/article/hk/zh/hkdhs1/sln316857/dsa-2019-051-dell-supportassist-client-multiple-vulnerabilities?lang=en
https://d4stiny.github.io/Remote-Code-Execution-on-most-Dell-computers/
https://www.hkcert.org/my_url/en/alert/19050201
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-3718 (to CVE-2019-3719)