What is the threat?
A security researcher recently discovered a vulnerability (CVE-2019-3719) on Dell laptops and computers that gives remote hijackers full access. The weakness lies in the Dell SupportAssist tool, which exposes Dell devices to a remote code execution attack. After the user visits a malicious website, the attacker can gain full admin privileges on the targeted device and complete control over the machine.
Why is this noteworthy?
This vulnerability can target many Dell users because the SupportAssist utility comes pre-installed on the system. The user is misled into visiting a specific website containing JavaScript code capable of tricking the SupportAssist app into downloading and running malicious files with full admin privileges. This is noteworthy because no user interaction is required once the malicious website is visited.
What is the exposure or risk?
SupportAssist is used to check the health of the user’s hardware and software; hence many users can be misled into visiting the malicious website. Dell was made aware of this vulnerability on October 26, 2019 and has worked endlessly for several months to patch this weakness, since a successful attack can cause a data breach and loss of personal information along with full system compromise.
What can you do?
On April 23, 2019, Dell released a patch for this security flaw and introduced an updated version of SupportAssist (v3.2.0.90). SkOUT recommends that if you own any Dell machine that runs SupportAssist, you install the new version of SupportAssist as soon as possible to protect your system from any data loss.
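To find machines that still need the update, the following PowerShell check (an added example, not part of the original advisory or a Dell tool) compares the installed SupportAssist version against the fixed build named above. It assumes the product registers a standard Uninstall entry with the DisplayName "Dell SupportAssist"; the function and variable names are illustrative.

```powershell
# Added example: flag SupportAssist installs older than the fixed build.
$FixedVersion = [version]'3.2.0.90'   # fixed version named in the advisory

# Assumption: DisplayName of the Uninstall entry. Exact match, so other
# entries with their own version numbering are not compared to this build.
$ProductName = 'Dell SupportAssist'

function Test-SupportAssistVersion {
    param(
        [string]$DisplayVersion,
        [version]$Minimum = $FixedVersion
    )
    $parsed = $null
    # A missing or malformed version string is reported, not guessed at.
    if (-not [version]::TryParse($DisplayVersion, [ref]$parsed)) {
        return 'Unknown'
    }
    if ($parsed -lt $Minimum) { return 'Vulnerable' }
    return 'Patched'
}

# Standard per-machine Uninstall locations (64-bit and 32-bit views).
$uninstallKeys = @(
    'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\*',
    'HKLM:\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\*'
)

$found = Get-ItemProperty -Path $uninstallKeys -ErrorAction SilentlyContinue |
    Where-Object { $_.DisplayName -eq $ProductName } |
    ForEach-Object {
        [pscustomobject]@{
            Computer = $env:COMPUTERNAME
            Name     = $_.DisplayName
            Version  = $_.DisplayVersion
            Status   = Test-SupportAssistVersion -DisplayVersion $_.DisplayVersion
        }
    }

if ($found) {
    $found | Format-Table -AutoSize
    if ($found.Status -contains 'Vulnerable') {
        Write-Warning "SupportAssist is older than $FixedVersion; update it."
    }
} else {
    Write-Output "No '$ProductName' entry found in the Uninstall registry keys."
}
```

An "Unknown" status means the registry entry exists but its version could not be parsed, so that machine should be checked by hand.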
References:
For more in-depth information about the recommendations, please visit the following links:
- https://www.zdnet.com/google-amp/article/dell-laptops-and-computers-vulnerable-to-remote-hijacks/?__twitter_impression=true
- https://www.tier1net.com/dell-supportassist-critical-vulnerability-allows-for-remote-attacks/
If you have any questions, please contact our Secure Intelligence Center.