CVE-2023-48670: 
Dell SupportAssist for PCs vulnerability analysis and mitigation

Dell SupportAssist for Home PCs version 3.14.1 and prior versions contain a privilege escalation vulnerability in the installer, identified as CVE-2023-48670. The vulnerability was discovered by Dohyun Lee (@l33d0hyun) and disclosed on December 21, 2023. This security flaw affects the Dell SupportAssist Installer versions up to 3.14.2.45116 (Dell Advisory).

The vulnerability is classified as CWE-426 (Untrusted Search Path) and has received a CVSS v3.1 base score of 7.8 HIGH (NIST: AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H) and 7.3 HIGH from Dell (CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H). The vulnerability specifically affects the installer component and only impacts first-time installations performed before December 21, 2023 (Dell Advisory, NVD).

If exploited, this vulnerability allows a local low-privileged authenticated attacker to execute arbitrary executables on the operating system with elevated privileges. This represents a significant security risk as it enables privilege escalation from a low-privileged user to higher privileges (Dell Advisory).

Dell has released version 3.14.2.49747 to address this vulnerability. Users with previous versions of SupportAssistinstaller.exe before 3.14.2.45116 should delete the old installer from the download location. No workarounds are available for this vulnerability, making the update the only solution (Dell Advisory).