CVE-2025-38738

Published: Aug 14, 2025Modified: Aug 18, 2025

7.8

Vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Exploitability: 1.8 / Impact: 5.9

Source: NVD

Description

SupportAssist for Home PCs Installer exe version(s) 4.8.2.29006 and prior, contain(s) an Incorrect Privilege Assignment vulnerability in the Installer. A low privileged attacker with local access could potentially exploit this vulnerability, leading to elevation of privileges.

Affected (1)

Products: Dell: Supportassist For Home Pcs

1 product

Supportassist For Home Pcs

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Dell Supportassist For Home Pcs	Before 4.8.2.38851

Related CWEs

Incorrect Privilege Assignment

A product incorrectly assigns a privilege to a particular actor, creating an unintended sphere of control for that actor.

References (1)

https://www.dell.com/support/kbdoc/en-us/000356690/dsa-2025-296-security-update-for-dell-supportassist-for-home-pcs-and-dell-supportassist-for-business-pcs-vulnerabilities

Source: security_alert@emc.com

Vendor Advisory

Timeline

No history available yet.