CVE-2022-34392 Information

Description

SupportAssist for Home PCs (versions 3.11.4 and prior) contain an insufficient session expiration Vulnerability. An authenticated non-admin user can be able to obtain the refresh token and that leads to reuse the access token and fetch sensitive information.

Reference

https://www.dell.com/support/kbdoc/000204114