Fortiguard

Untrusted Search Path Vulnerability CVE-2021-36297 for Dell SupportAssist for Home PCs

Description

SupportAssist Client version 3.8 contains an Untrusted search path vulnerability that allows attackers to load an arbitrary .dll file via .dll planting/hijacking, only by a separate administrative action that is not a default part of the SOSInstallerTool.exe installation for executing arbitrary dll\'s,

Affected Applications

Dell SupportAssist for Home PCs

CVE References

CVE-2021-36297

Other References

https://www.dell.com/support/kbdoc/en-ca/000191057/

ID	4274
Created	Feb 23, 2022
Description Updated	Feb 23, 2022
Severity
Coverage	FortiClient
OS	Windows
Vendor	Dell
Patch	manual
Application	Dell SupportAssist for Home PCs

Network

Files and Endpoint

Application

Additional SOC Services

Threat Encyclopedia

Untrusted Search Path Vulnerability CVE-2021-36297 for Dell SupportAssist for Home PCs

Description

Affected Applications

CVE References

Other References

Telemetry

News / Research

Network

Files and Endpoint

Application

Additional SOC Services

FortiGate

FortiDeceptor

FortiClient

FortiMail

FortiEDR

FortiADC

FortiAnalyzer

FortiCWP

FortiWeb

FortiNDR

FortiSandBox

FortiTester

Threat Lookup

PSIRT

Resources

Threat Encyclopedia

Untrusted Search Path Vulnerability CVE-2021-36297 for Dell SupportAssist for Home PCs

Description

Affected Applications

CVE References

Other References

Telemetry