
Vulnerabilities in Dell computers allow RCE at the BIOS/UEFI level
2021-06-24 11:27

An estimated 30 million Dell computers are affected by several vulnerabilities that may enable an attacker to remotely execute code in the pre-boot environment, Eclypsium researchers have found.

The vulnerabilities affect 128 Dell models of consumer and business laptops, desktops, and tablets, including devices protected by Secure Boot and Dell Secured-core PCs. The problem resides in the BIOSConnect feature of Dell SupportAssist, a solution that comes preinstalled on most Windows-based Dell machines and helps users troubleshoot and resolve hardware and software problems.

BIOSConnect helps perform a remote OS recovery or update the firmware on the device, and it does so by connecting to Dell backend services over the internet, downloading the needed software/firmware, and coordinating the recovery/update process.

The researchers disclosed the existence of the vulnerabilities to Dell in March 2021.

The CVE-2021-21571 and CVE-2021-21572 vulnerabilities, on the other hand, require Dell Client BIOS updates.

Users of Dell computers are advised to check the list of vulnerable device models and see whether they are affected.


News URL

http://feedproxy.google.com/~r/HelpNetSecurity/~3/wcGMcHdfyi8/

Related Vulnerability

DATE        CVE             VULNERABILITY TITLE                                             ACCESS   VENDOR  CWE      RISK
2021-06-24  CVE-2021-21572  Out-of-bounds Write vulnerability in Dell products              local    dell    CWE-787  6.9
                            Dell BIOSConnect feature contains a buffer overflow vulnerability.
2021-06-24  CVE-2021-21571  Improper Certificate Validation vulnerability in Dell products  network  dell    CWE-295  5.8
                            Dell UEFI BIOS https stack leveraged by the Dell BIOSConnect feature and Dell HTTPS Boot feature contains an improper certificate validation vulnerability.

Related vendor

VENDOR LAST 12M #/PRODUCTS LOW MEDIUM HIGH CRITICAL TOTAL VULNS
Dell 1764 98 476 312 95 981