CVE-2025-36613

Published: Aug 14, 2025Modified: Aug 18, 2025

7.8

Vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Exploitability: 1.8 / Impact: 5.9

Source: NVD

Description

SupportAssist for Home PCs versions 4.6.3 and prior and SupportAssist for Business PCs versions 4.5.3 and prior, contain(s) an Incorrect Privilege Assignment vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to unauthorized access.

Affected (2)

Products: Dell: Supportassist For Business Pcs, Supportassist For Home Pcs

2 products

Supportassist For Business Pcs

Supportassist For Home Pcs

Configuration A

2 vulnerable

Vulnerable Software	Affected Versions
Dell Supportassist For Business Pcs	Before 4.9.0
Dell Supportassist For Home Pcs	Before 4.8.2.38851

Related CWEs

Incorrect Privilege Assignment

A product incorrectly assigns a privilege to a particular actor, creating an unintended sphere of control for that actor.

References (1)

https://www.dell.com/support/kbdoc/en-us/000356690/dsa-2025-296-security-update-for-dell-supportassist-for-home-pcs-and-dell-supportassist-for-business-pcs-vulnerabilities

Source: security_alert@emc.com

Vendor Advisory

Timeline

No history available yet.