CVE-2025-36613

  1. OpenCVE
  2. Vulnerabilities (CVE)
  3. CVE-2025-36613
SupportAssist for Home PCs versions 4.6.3 and prior and SupportAssist for Business PCs versions 4.5.3 and prior, contain(s) an Incorrect Privilege Assignment vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to unauthorized access.

2.8 /10

CVSS v3 : LOW

V3 Legend

Vector :

Exploitability : 1.3 / Impact : 1.4

Attack Vector LOCAL

Attack Complexity LOW

Privileges Required LOW

User Interaction REQUIRED

Confidentiality Impact NONE

Integrity Impact LOW

Availability Impact NONE

Scope UNCHANGED

References
Link Resource
https://www.dell.com/support/kbdoc/en-us/000356690/dsa-2025-296-security-update-for-dell-supportassist-for-home-pcs-and-dell-supportassist-for-business-pcs-vulnerabilities Vendor Advisory
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:dell:supportassist_for_business_pcs:*:*:*:*:*:*:*:*
cpe:2.3:a:dell:supportassist_for_home_pcs:*:*:*:*:*:*:*:*
History

18 Aug 2025, 18:12

Type Values Removed Values Added
References () https://www.dell.com/support/kbdoc/en-us/000356690/dsa-2025-296-security-update-for-dell-supportassist-for-home-pcs-and-dell-supportassist-for-business-pcs-vulnerabilities - () https://www.dell.com/support/kbdoc/en-us/000356690/dsa-2025-296-security-update-for-dell-supportassist-for-home-pcs-and-dell-supportassist-for-business-pcs-vulnerabilities - Vendor Advisory
First Time Dell supportassist For Home Pcs
Dell
Dell supportassist For Business Pcs
Summary
  • (es) SupportAssist para PC domésticos (versión 4.6.3 y anteriores) y SupportAssist para PC empresariales (versión 4.5.3 y anteriores) presentan una vulnerabilidad de asignación incorrecta de privilegios. Un atacante con pocos privilegios y acceso local podría explotar esta vulnerabilidad y provocar un acceso no autorizado.
CPE cpe:2.3:a:dell:supportassist_for_home_pcs:*:*:*:*:*:*:*:*
cpe:2.3:a:dell:supportassist_for_business_pcs:*:*:*:*:*:*:*:*

14 Aug 2025, 15:15

Type Values Removed Values Added
New CVE
Information

Published : 2025-08-14 15:15

Updated : 2025-08-18 18:12

NVD link : CVE-2025-36613

Mitre link : CVE-2025-36613

CVE.ORG link : CVE-2025-36613

JSON object : View

Products Affected

dell

  • supportassist_for_home_pcs
  • supportassist_for_business_pcs
CWE
CWE-266

Incorrect Privilege Assignment