
Cloud Vulnerability DB
A community-led vulnerabilities database
Dell SupportAssist for Business PCs version 3.4.0 contains a local Authentication Bypass vulnerability that was discovered and disclosed in February 2024. The vulnerability affects the SupportAssist User Interface and allows locally authenticated non-admin users to gain temporary privilege within the application on their respective PC (Dell Advisory).
The vulnerability (CVE-2023-39249) has been assigned a CVSS v3.1 base score of 6.3 (Medium) with the vector string CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:L. The vulnerability specifically affects the 'Run as Admin' temporary privilege feature, which was designed to enable IT/System Administrators to perform driver scans and Dell-recommended driver installations without requiring them to log out of the local non-admin user session (Dell Advisory).
The impact of this vulnerability is limited in scope. While it allows for privilege escalation, the granted privileges are restricted solely to the SupportAssist User Interface and automatically expire after 15 minutes. The elevated access can only be used to perform driver scans and Dell-recommended driver installations (Dell Advisory).
Dell has released version 3.4.1 of SupportAssist for Business PCs to address this vulnerability. Users are advised to keep SupportAssist for Business PCs updated to the latest version to mitigate this security issue (Dell Advisory).
Source: This report was generated using AI