Wednesday, April 24, 2024

Most of the Dell Computers Vulnerable to Remote Hack Through Pre-Installed SupportAssist Software

A critical remote code execution vulnerability that exists with SupportAssist Client software allows attackers to gain access to vulnerable machines remotely.

According to Dell, SupportAssist is an Automated, proactive and predictive client support software that checks system health and send the necessary information to Dell, if any issue triggered. The software found in most of the Dell Computers.

It works by running webservers on the local machine in any of the following port 8884, 8883, 8886, or port 8885 based on the availability to establish a connection with Dell website.

Access-Control-Allow-Origin header used for validation purposes, which ensure the local computer is to accept request only from and not from any other websites.

An independent 17-year-old security researcher, Bill Demirkapi, identified vulnerabilities with integrity check for ClientServiceHandler.ProcessRequest, which allows hackers to bypass the validation and deploy malware on the vulnerable machine.

Bill Demirkapi published a blog post that details various methods to bypass the Referer/Origin check. The Remote Code Execution vulnerability can be tracked as CVE-2019-3719.

Demo video that showcasing the vulnerability.

SupportAssist Client versions prior to are affected with the vulnerability, users are recommended to update with version and later.

“An unauthenticated attacker, sharing the network access layer with the vulnerable system, can compromise the vulnerable system by tricking a victim user into downloading and executing arbitrary executables via SupportAssist client from attacker hosted sites,” reads the advisory.

Dell also patched another vulnerability (CVE-2019-3718), which allows an “unauthenticated remote attacker could potentially exploit this vulnerability to attempt CSRF attacks on users of the impacted systems.”

Now Dell addressed both of these vulnerabilities and the customers are recommended to update with SupportAssist Client version and later.

You can follow us on LinkedinTwitterFacebook for daily Cybersecurity updates also you can take the Best Cybersecurity courses online to keep your self-updated.

Related Read

ASUS Hack – Here is the List of MAC Addresses Affected in the ShadowHammer Cyberattack – Live Update

ASUS Hacked – Hackers Hijacked ASUS Company servers to Inject the Malware in Millions of Users Computer

Hackers using Android & iOS Spyware “Pegasus” to Conducting Massive Surveillance Operations in 45 Countries


Latest articles

Phishing Attacks Rise By 58% As The Attackers Leverage AI Tools

AI-powered generative tools have supercharged phishing threats, so even newbie attackers can effortlessly create...

Multiple MySQL2 Flaw Let Attackers Arbitrary Code Remotely

The widely used MySQL2 has been discovered to have three critical vulnerabilities: remote Code...

CoralRaider Hacker Evade Antivirus Detections Using Malicious LNK File

This campaign is observed to be targeting multiple countries, including the U.S., Nigeria, Germany,...

Spyroid RAT Attacking Android Users to Steal Confidential Data

A new type of Remote Access Trojan (RAT) named Spyroid has been identified.This...

Researchers Uncover that UK.GOV Websites Sending Data to Chinese Ad Vendor Analysts

Analysts from Silent Push, a data analytics firm, have uncovered several UK government websites...

Ransomware Victims Who Opt To Pay Ransom Hits Record Low

Law enforcement operations disrupted BlackCat and LockBit RaaS operations, including sanctions on LockBit members...

IBM Nearing Talks to Acquire Cloud-software Provider HashiCorp

IBM is reportedly close to finalizing negotiations to acquire HashiCorp, a prominent cloud infrastructure...
Guru baran
Guru baran
Gurubaran is a co-founder of Cyber Security News and GBHackers On Security. He has 10+ years of experience as a Security Consultant, Editor, and Analyst in cybersecurity, technology, and communications.


Mastering WAAP/WAF ROI Analysis

As the importance of compliance and safeguarding critical websites and APIs grows, Web Application and API Protection (WAAP) solutions play an integral role.
Key takeaways include:

  • Pricing models
  • Cost Estimation
  • ROI Calculation

Related Articles