Dell has released a security update to fix a vulnerability in its SupportAssist Client support software. The flaw allows unauthenticated attackers on the same network access layer to remotely run malicious executables on vulnerable computers.
According to the company's website, the SupportAssist software is "pre-installed on most new Dell devices running the Windows operating system" and "proactively checks the health of the system's hardware and software. When it detects a problem, it sends the information to Dell to begin troubleshooting."
Most new Dell computers are therefore exposed to RCE (remote code execution) attacks.
The software flaw has been assigned CVE-2019-3719, with a CVSSv3 base score of 8.0 in the National Vulnerability Database (NVD).
Dell updated the SupportAssist software at the end of April 2019, after receiving an initial report from 17-year-old security researcher Bill Demirkapi on 10 October 2018.
Dell advises all customers to update SupportAssist Client as soon as possible, stating that all versions prior to 3.2.0.90 are vulnerable to remote code execution attacks.
Dell reportedly also fixed an improper origin validation flaw in SupportAssist Client, reported by John C. Hennessy-ReCar and tracked as CVE-2019-3718, with a CVSSv3 base score of 8.8 (High).
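The advisory gives a single fixed version, so the practical check on a fleet is whether the installed SupportAssist Client is older than 3.2.0.90. The script below is an added example, not Dell's own tooling: it reads the Windows uninstall registry keys and compares the recorded DisplayVersion numerically against that threshold. The product name pattern `Dell SupportAssist*` and the function name are assumptions for illustration.

```powershell
# Added example (not Dell's code). Enumerates both 64-bit and 32-bit uninstall
# keys, finds the SupportAssist Client entry and reports whether its version is
# below the fixed build named in the advisory (3.2.0.90).
function Test-SupportAssistVersion {
    param(
        [version]$FixedVersion = [version]'3.2.0.90',
        # Assumed DisplayName pattern for the product; adjust if your build differs.
        [string]$NamePattern = 'Dell SupportAssist*'
    )

    $uninstallPaths = @(
        'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\*',
        'HKLM:\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\*'
    )

    $installed = Get-ItemProperty -Path $uninstallPaths -ErrorAction SilentlyContinue |
        Where-Object { $_.DisplayName -like $NamePattern }

    if (-not $installed) {
        return [pscustomobject]@{ Installed = $false; Name = $null; Version = $null; Vulnerable = $false }
    }

    foreach ($app in $installed) {
        # DisplayVersion is a string such as "3.1.2.16". Casting with -as [version]
        # gives a numeric comparison (a string compare would rank "3.10" below "3.2")
        # and yields $null instead of throwing if the value is missing or malformed.
        $ver = $app.DisplayVersion -as [version]
        [pscustomobject]@{
            Installed  = $true
            Name       = $app.DisplayName
            Version    = $ver
            # Treat an unparsable version as vulnerable so it is not silently skipped.
            Vulnerable = ($null -eq $ver) -or ($ver -lt $FixedVersion)
        }
    }
}

# Usage: run in an elevated or standard PowerShell session on the host being checked.
Test-SupportAssistVersion | Format-Table -AutoSize
```

Because the comparison is on the uninstall key rather than the running process, the result reflects what is installed, not whether the SupportAssist service is currently stopped or disabled; a host that shows `Vulnerable = True` still needs the update applied.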
Security researcher Bill Demirkapi discovered that the RCE vulnerability can be exploited by attackers using ARP and DNS spoofing, as described in detail in the proof-of-concept he published.
A demo video of his PoC is available on YouTube.
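Since the published attack relies on ARP spoofing to get between the victim and its gateway, one caveat for defenders is that the attack leaves a footprint in the victim's own ARP cache: a single MAC address answering for more than one IP, typically the real gateway's IP plus the attacker's. The function below is an added example, not part of the researcher's PoC or the original article; it parses the text output of `arp -a` and reports such collisions. The sample cache lines are constructed for illustration.

```powershell
# Added example (not from the article or the published PoC). Parses `arp -a`
# output and flags MAC addresses that are mapped to more than one dynamic IP,
# the typical sign of a host impersonating the gateway via ARP spoofing.
function Find-ArpMacCollisions {
    param([Parameter(Mandatory)][string[]]$ArpLines)

    $entries = foreach ($line in $ArpLines) {
        # Match lines of the form: "  192.168.1.1    aa-bb-cc-dd-ee-ff   dynamic"
        if ($line -match '^\s*(\d{1,3}(?:\.\d{1,3}){3})\s+([0-9a-fA-F]{2}(?:-[0-9a-fA-F]{2}){5})\s+(\w+)') {
            [pscustomobject]@{
                IP   = $Matches[1]
                MAC  = $Matches[2].ToLower()
                Type = $Matches[3].ToLower()
            }
        }
    }

    $entries |
        # Broadcast and multicast entries are legitimately shared; ignore them.
        Where-Object { $_.Type -eq 'dynamic' -and $_.MAC -ne 'ff-ff-ff-ff-ff-ff' -and $_.MAC -notlike '01-00-5e-*' } |
        Group-Object -Property MAC |
        Where-Object { $_.Count -gt 1 } |
        ForEach-Object {
            [pscustomobject]@{ MAC = $_.Name; IPs = ($_.Group.IP -join ', ') }
        }
}

# Constructed sample cache: the gateway (192.168.1.1) and another host (192.168.1.77)
# resolve to the same MAC, which is what an ARP-spoofing attacker produces.
$sample = @(
    'Interface: 192.168.1.10 --- 0x5',
    '  Internet Address      Physical Address      Type',
    '  192.168.1.1           aa-bb-cc-dd-ee-01     dynamic',
    '  192.168.1.77          aa-bb-cc-dd-ee-01     dynamic',
    '  192.168.1.50          aa-bb-cc-dd-ee-50     dynamic',
    '  192.168.1.255         ff-ff-ff-ff-ff-ff     static',
    '  224.0.0.22            01-00-5e-00-00-16     static'
)

# On the sample, reports MAC aa-bb-cc-dd-ee-01 shared by 192.168.1.1 and 192.168.1.77.
Find-ArpMacCollisions -ArpLines $sample | Format-Table -AutoSize

# Against the live cache of the current host:
# Find-ArpMacCollisions -ArpLines (arp -a)
```

A collision on the gateway's IP is a strong signal on a normal LAN, but some environments (first-hop redundancy protocols, certain virtual switches) legitimately share a MAC across addresses, so treat the output as a prompt to compare against the known gateway MAC rather than as proof of an attack on its own.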