Security News > 2021 > June > Eclypsium: BIOSConnect Flaws Haunt Millions of Dell Computers

Eclypsium: BIOSConnect Flaws Haunt Millions of Dell Computers
2021-06-24 20:22

Security researchers at Eclypsium have figured out a way to exploit a set of high-severity vulnerabilities that expose millions of Dell computers to stealthy hacker attacks.

In all, Dell shipped patches for at least four documented CVEs credited to Eclypsium researchers Mickey Shkatov and Jesse Michael.

The Eclypsium researchers found the problems in the BIOSConnect feature within Dell Client BIOS. "[This issue] allows a privileged network adversary to impersonate Dell.com and gain arbitrary code execution at the BIOS/UEFI level of the affected device.

The problematic BIOSConnect feature lives within another updating mechanism called SupportAssist that's used to handle update and remote management on Dell computers.

Specifically, the Dell UEFI BIOS https stack leveraged by the Dell BIOSConnect feature and Dell HTTPS Boot feature contains an improper certificate validation vulnerability.

Dell confirmed and patched three additional issues identified by Eclypsium, including a buffer overflow bug in Dell BIOSConnec that could allow an authenticated malicious admin user with local access to the system to run arbitrary code and bypass UEFI restrictions.


News URL

http://feedproxy.google.com/~r/securityweek/~3/fo07rnEREQQ/eclypsium-biosconnect-flaws-haunt-millions-dell-computers

Related vendor

VENDOR LAST 12M #/PRODUCTS LOW MEDIUM HIGH CRITICAL TOTAL VULNS
Dell 1678 29 437 430 109 1005