CVE-2025-36612 is a vulnerability classified under CWE-266 (Incorrect Privilege Assignment) found in Dell SupportAssist for Business PCs, specifically in versions 4.5.3 and prior. The flaw arises from improper assignment of privileges within the SupportAssist application, which is designed to assist with system maintenance and support tasks on Dell business computers. A low-privileged attacker who has local access to the affected system can exploit this vulnerability to elevate their privileges, potentially gaining administrative or SYSTEM-level rights. The CVSS v3.1 base score is 6.7, reflecting a medium severity level. The vector indicates the attack requires local access (AV:L), high attack complexity (AC:H), low privileges (PR:L), and user interaction (UI:R). The scope is unchanged (S:U), but the impact on confidentiality, integrity, and availability is high (C:H/I:H/A:H), meaning a successful exploit could lead to full system compromise. No public exploits or patches have been reported at the time of publication. This vulnerability is particularly concerning in enterprise environments where Dell SupportAssist is widely deployed, as it could allow malicious insiders or attackers with limited access to escalate privileges and compromise critical systems. The lack of a patch necessitates proactive mitigation and monitoring by affected organizations.

The potential impact of CVE-2025-36612 is significant for organizations using Dell SupportAssist on business PCs. Successful exploitation could allow a low-privileged local attacker to escalate privileges to administrative levels, enabling full control over the affected system. This could lead to unauthorized access to sensitive data, modification or deletion of critical files, installation of persistent malware, and disruption of system availability. In enterprise environments, such privilege escalation could facilitate lateral movement, data exfiltration, or sabotage. Although exploitation requires local access and user interaction, insider threats or attackers who gain initial footholds through phishing or other means could leverage this vulnerability to deepen their control. The absence of known exploits in the wild reduces immediate risk but does not eliminate it, especially as threat actors often develop exploits rapidly after disclosure. The vulnerability's impact on confidentiality, integrity, and availability underscores the need for urgent attention in organizations with Dell business PCs, particularly those in regulated industries or with high-value assets.

1. Restrict local access to Dell business PCs running SupportAssist to trusted and authorized personnel only. 2. Implement strict user privilege management, ensuring users operate with the least privilege necessary. 3. Monitor systems for unusual privilege escalation attempts or suspicious activity related to SupportAssist processes. 4. Disable or uninstall SupportAssist temporarily if business operations allow, until a patch is released. 5. Maintain up-to-date endpoint detection and response (EDR) solutions capable of detecting privilege escalation behaviors. 6. Apply application whitelisting to prevent unauthorized execution of code with elevated privileges. 7. Educate users about the risks of interacting with unexpected prompts or requests that could trigger exploitation. 8. Regularly check Dell’s official channels for patches or security advisories addressing this vulnerability and apply updates promptly once available. 9. Conduct internal audits to identify systems running vulnerable versions of SupportAssist and prioritize remediation efforts accordingly.