Security News > 2021 > June > Vulnerabilities in Dell computers allow RCE at the BIOS/UEFI level
An estimated 30 million Dell computers are affected by several vulnerabilities that may enable an attacker to remotely execute code in the pre-boot environment, Eclypsium researchers have found.
The vulnerabilities affect 128 Dell models of consumer and business laptops, desktops, and tablets, including devices protected by Secure Boot and Dell Secured-core PCs. The problem resides in the BIOSConnect feature of Dell SupportAssist, a solution that comes preinstalled on most Windows-based Dell machines and helps users troubleshoot and resolve hardware and software problems.
BIOSConnect helps perform a remote OS recovery or update the firmware on the device, and it does so by connecting to Dell backend services over the internet, downloading the needed software/firmware, and coordinating the recovery/update process.
The researchers disclosed the existence of the vulnerabilities to Dell in March 2021.
The CVE-2021-21571 and CVE-2021-21572 vulnerabilities, on the other hand, require Dell Client BIOS updates.
Users of Dell computers are advised to check the list of vulnerable device models and see whether they are affected.
News URL
http://feedproxy.google.com/~r/HelpNetSecurity/~3/wcGMcHdfyi8/
Related Vulnerability
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-06-24 | CVE-2021-21572 | Out-of-bounds Write vulnerability in Dell products Dell BIOSConnect feature contains a buffer overflow vulnerability. | 7.5 |
| 2021-06-24 | CVE-2021-21571 | Improper Certificate Validation vulnerability in Dell products Dell UEFI BIOS https stack leveraged by the Dell BIOSConnect feature and Dell HTTPS Boot feature contains an improper certificate validation vulnerability. | 6.5 |