1. Home
  2. Mapping Frameworks
  3. CVE Home
  4. Dell SupportAssist for Business PCs

CVE CVE-2019-3735 Mappings

Dell SupportAssist for Business PCs version 2.0 and Dell SupportAssist for Home PCs version 2.2, 2.2.1, 2.2.2, 2.2.3, 3.0, 3.0.1, 3.0.2, 3.1, 3.2, and 3.2.1 contain an Improper Privilege Management Vulnerability. A malicious local user can exploit this vulnerability by inheriting a system thread using a leaked thread handle to gain system privileges on the affected machine.

Mappings

Capability ID Capability Description Mapping Type ATT&CK ID ATT&CK Name
CVE-2019-3735 Dell SupportAssist for Business PCs primary_impact T1068 Exploitation for Privilege Escalation
CVE-2019-3735 Dell SupportAssist for Business PCs exploitation_technique T1078 Valid Accounts