Hi everyone,
I've created a report based on
this Dell security advisory for anyone who currently has Dell SupportAssist deployed.
A critical Remote Code Execution vulnerability has been discovered in Dell SupportAssist (CVE-2019-3719).
The report is color-coded to indicate whether an action is required. Obviously red means you will need to take action while green means you are fine.
Instructions on how to run the report can be found
here.
To get started with Lansweeper, you can
grab your free trial here.
Code:
Select Distinct Top 1000000 tblAssets.AssetID,
tblAssets.AssetName,
tblAssets.Domain,
tsysAssetTypes.AssetTypename As AssetType,
tblAssets.Username,
tblAssets.Userdomain,
tsysAssetTypes.AssetTypeIcon10 As icon,
tblAssets.IPAddress,
tsysIPLocations.IPLocation,
tblAssetCustom.Manufacturer,
tblAssetCustom.Model,
tsysOS.OSname As OS,
tblAssets.SP,
tblAssets.Lastseen,
tblAssets.Lasttried,
tblSoftwareUni.softwareName As Software,
tblSoftware.softwareVersion As Version,
tblSoftwareUni.SoftwarePublisher As Publisher,
Case
When tblSoftwareUni.softwareName Like '%SupportAssist' And
tblSoftware.softwareVersion < '3.2.0.90' Then 'Vulnerable'
Else 'Safe'
End As Vulnerablity,
tblSoftware.Lastchanged,
Case
When tblSoftwareUni.softwareName Like '%SupportAssist' And
tblSoftware.softwareVersion < '3.2.0.90' Then '#ffadad'
Else '#d4f4be'
End As backgroundcolor
From tblAssets
Inner Join tblAssetCustom On tblAssets.AssetID = tblAssetCustom.AssetID
Inner Join tsysAssetTypes On tsysAssetTypes.AssetType = tblAssets.Assettype
Inner Join tsysIPLocations On tsysIPLocations.LocationID =
tblAssets.LocationID
Inner Join tblState On tblState.State = tblAssetCustom.State
Inner Join tblSoftware On tblAssets.AssetID = tblSoftware.AssetID
Inner Join tblSoftwareUni On tblSoftwareUni.SoftID = tblSoftware.softID
Left Join tsysOS On tsysOS.OScode = tblAssets.OScode
Where tblSoftwareUni.softwareName Like '%SupportAssist' And
tblState.Statename = 'Active'
Order By tblAssets.IPAddress Desc