UEFI level

2021-06-24 11:27

An estimated 30 million Dell computers are affected by several vulnerabilities that may enable an attacker to remotely execute code in the pre-boot environment, Eclypsium researchers have found.

The vulnerabilities affect 128 Dell models of consumer and business laptops, desktops, and tablets, including devices protected by Secure Boot and Dell Secured-core PCs. The problem resides in the BIOSConnect feature of Dell SupportAssist, a solution that comes preinstalled on most Windows-based Dell machines and helps users troubleshoot and resolve hardware and software problems.

BIOSConnect helps perform a remote OS recovery or update the firmware on the device, and it does so by connecting to Dell backend services over the internet, downloading the needed software/firmware, and coordinating the recovery/update process.

The researchers disclosed the existence of the vulnerabilities to Dell in March 2021.

The CVE-2021-21571 and CVE-2021-21572 vulnerabilities, on the other hand, require Dell Client BIOS updates.

Users of Dell computers are advised to check the list of vulnerable device models and see whether they are affected.

News URL

http://feedproxy.google.com/~r/HelpNetSecurity/~3/wcGMcHdfyi8/

#bios #dell #RCE #uefi #vulnerabilities #CVE-2021-21572 #CVE-2021-21571

Related Vulnerability

DATE	CVE	VULNERABILITY TITLE	RISK
2021-06-24	CVE-2021-21572	Out-of-bounds Write vulnerability in Dell products Dell BIOSConnect feature contains a buffer overflow vulnerability. local dell CWE-787	6.9
2021-06-24	CVE-2021-21571	Improper Certificate Validation vulnerability in Dell products Dell UEFI BIOS https stack leveraged by the Dell BIOSConnect feature and Dell HTTPS Boot feature contains an improper certificate validation vulnerability. network dell CWE-295	5.8

Related vendor

VENDOR	LAST 12M	#/PRODUCTS	LOW	MEDIUM	HIGH	CRITICAL	TOTAL VULNS
Dell		1650	96	430	286	92	904