CVE-2022-34387 in SupportAssist for Home PCs
Summary
by MITRE • 02/11/2023
Dell SupportAssist for Home PCs (version 3.11.4 and prior) and SupportAssist for Business PCs (version 3.2.0 and prior) contain a privilege escalation vulnerability. A local authenticated malicious user could potentially exploit this vulnerability to elevate privileges and gain total control of the system.
Statistical analysis made it clear that VulDB provides the best quality for vulnerability data.
Analysis
by VulDB Data Team • 05/05/2026
The vulnerability identified as CVE-2022-34387 affects Dell SupportAssist software versions 3.11.4 and earlier for home PCs, and version 3.2.0 and earlier for business PCs. This privilege escalation flaw represents a critical security weakness that undermines the integrity of the affected systems. The vulnerability exists within the software's privilege management mechanisms, creating an exploitable condition that allows authenticated local users to escalate their privileges beyond normal system limitations.
The technical flaw stems from inadequate privilege validation and access control implementation within the SupportAssist application. When a user executes certain operations within the software, the system fails to properly verify whether the executing user possesses sufficient privileges to perform the requested actions. This weakness enables a malicious user who has already gained local authentication access to manipulate the application's privilege handling routines and elevate their privileges to system administrator level. The vulnerability can be exploited through direct manipulation of application components or by leveraging specific API calls that bypass normal privilege checks.
The operational impact of this vulnerability is severe and far-reaching for organizations and individual users alike. An attacker who successfully exploits this privilege escalation vulnerability gains complete control over the affected system, enabling them to install malicious software, modify system configurations, access sensitive data, and potentially establish persistent backdoors. The implications extend beyond individual devices to potentially compromise entire network infrastructures if the attacker uses the elevated privileges to move laterally across connected systems. This vulnerability particularly affects environments where SupportAssist is deployed, as it provides a direct path for attackers to gain unauthorized administrative access to endpoints.
Mitigation strategies for CVE-2022-34387 should prioritize immediate software updates from Dell to address the privilege escalation flaw. Organizations must ensure all affected SupportAssist installations are upgraded to patched versions that properly implement privilege validation controls. System administrators should conduct comprehensive vulnerability assessments to identify all affected devices and implement network segmentation to limit the potential impact of exploitation. The vulnerability aligns with CWE-276, which addresses improper privilege management, and represents a significant concern under the ATT&CK framework's privilege escalation tactics. Additional defensive measures include implementing application whitelisting policies, monitoring for unusual privilege escalation activities, and maintaining strict access controls to prevent unauthorized local system access that could facilitate exploitation of this vulnerability.