According to 17 years, old security researcher Bill Demirkap from the US has found Remote code execution vulnerability found in Dell SupportAssist utility. An attacker can execute a remote attack and execute code with admin privilege on the machine.
Dell has released a patch for the bug on 23rd April. Many users have already installed updated tool with used for debugging, diagnostics and Dell drivers auto-updates.
A large number of users are affected by this attack. Dell SupportAssist is pre-installed on Windows Operating System.
Dell took the researcher’s report seriously and has worked for the past months to patch CVE-2019-3719, a task that concluded last week with the release of SupportAssist v18.104.22.168, which Dell users are now advised to install.
Proof of concept
Proof of concept to reproduce an attack is available on GitHub, and Demirkapi also published a demo video showing how easily an attack can lead to a full device compromise. Demirkapi’s vulnerability report, for additional technical details, is available on the young researcher’s blog.