Users advised not to use BIOSConnect for updating their BIOSĪccording to Eclypsium, users will have to update the system BIOS/UEFI for all affected systems. "All three vulnerabilities are independent, and each one could lead to arbitrary code execution in BIOS."Īdditional info on the vulnerabilities can be found in Eclypsium's report and the complete list of affected device models in Dell's advisory. Two of the overflow security flaws "affect the OS recovery process, while the other affects the firmware update process," Eclypsium says. The reasearchers identified one issue leading to an insecure TLS connection from BIOS to Dell (tracked as CVE-2021-21571) and three overflow vulnerabilities (CVE-2021-21572, CVE-2021-21573, and CVE-2021-21574). "The issue affects 129 Dell models of consumer and business laptops, desktops, and tablets, including devices protected by Secure Boot and Dell Secured-core PCs," with roughly 30 million individual devices exposed to attacks. "Such an attack would enable adversaries to control the device's boot process and subvert the operating system and higher-layer security controls," Eclypsium researchers explain in a report shared in advance with BleepingComputer. The chain of flaws discovered by Eclypsium researchers comes with a CVSS base score of 8.3/10 and enables privileged remote attackers to impersonate and take control of the target device's boot process to break OS-level security controls. Security researchers have found four major security vulnerabilities in the BIOSConnect feature of Dell SupportAssist, allowing attackers to remotely execute code within the BIOS of impacted devices.Īccording to Dell's website, the SupportAssist software is "preinstalled on most Dell devices running Windows operating system," while BIOSConnect provides remote firmware update and OS recovery features.
0 kommentar(er)
