Untrusted Search Path Vulnerability CVE-2021-36297 for Dell SupportAssist for Home PCs

description-logoDescription

SupportAssist Client version 3.8 contains an Untrusted search path vulnerability that allows attackers to load an arbitrary .dll file via .dll planting/hijacking, only by a separate administrative action that is not a default part of the SOSInstallerTool.exe installation for executing arbitrary dll\'s,

affected-products-logoAffected Applications

Dell SupportAssist for Home PCs

CVE References

CVE-2021-36297