
Remote Code Execution Vulnerability Affects Millions of Dell Devices

Chained exploitation of the vulnerabilities allows remote code execution on Dell computers with superuser privileges.

Eclypsium has discovered several vulnerabilities that, when exploited together, allow remote code execution on Dell computers. The vulnerabilities affect the BIOSConnect feature of SupportAssist, an intelligent technology for maximizing computer performance. The vulnerability chain scored 8.3 out of a maximum of 10 on the CVSS severity scale.

Exploiting the vulnerabilities together allows attackers to impersonate Dell.com and carry out BIOS/UEFI attacks on 128 Dell laptops, tablets and PCs, including devices protected by Secure Boot and Secured-core PCs. According to Eclypsium experts, such attacks allow attackers to take control of the system boot process.

Dell SupportAssist technology (usually preinstalled on Dell Windows devices) is used to manage support features, including troubleshooting and recovery. BIOSConnect can be used to recover the OS in case of damage, as well as to update the firmware.

The feature connects to the Dell cloud infrastructure to deliver the requested code to the user's device. Eclypsium researchers discovered four vulnerabilities in this process that could allow a privileged attacker on the network to execute arbitrary code in the BIOS of vulnerable machines.

The first is that any valid certificate is accepted when BIOSConnect connects to the Dell internal HTTP server, allowing an attacker to impersonate Dell and deliver malicious content to the victim's device.

Researchers have also found some HTTPS boot configurations that use the same underlying verification code, potentially making them vulnerable to abuse.
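The certificate flaw described above amounts to accepting any certificate that validates, without checking who it was issued to. The sketch below is an added illustration, not Dell's or Eclypsium's code; it assumes "valid" means the chain verifies, and the struct, function names and hostnames are constructed. It shows the flawed policy beside one that binds the certificate to the intended host:

```c
#include <ctype.h>
#include <stdbool.h>
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Constructed stand-in for a parsed server certificate: chain result plus
   its subjectAltName DNS entries (NULL-terminated). */
struct peer_cert { bool chain_valid; const char *san_dns[4]; };

/* Constructed samples: both chain to a trusted CA, only one names our host. */
static const struct peer_cert vendor_cert = { true, { "update.vendor.example", NULL } };
static const struct peer_cert other_cert  = { true, { "*.unrelated.example", NULL } };

/* Flawed policy: any certificate with a valid chain is accepted. */
bool accept_any_valid(const struct peer_cert *c) { return c->chain_valid; }

static bool eq_nocase(const char *a, const char *b) {
    while (*a && *b && tolower((unsigned char)*a) == tolower((unsigned char)*b)) {
        a++; b++;
    }
    return *a == '\0' && *b == '\0';
}

/* A wildcard counts only as the whole left-most label, covers exactly one
   label, and must be followed by at least two more labels. */
static bool san_matches(const char *san, const char *host) {
    if (strncmp(san, "*.", 2) != 0)
        return eq_nocase(san, host);
    const char *dot = strchr(host, '.');
    if (dot == NULL || dot == host || strchr(san + 2, '.') == NULL)
        return false;
    return eq_nocase(san + 1, dot);
}

/* Hardened policy: valid chain AND the certificate names the intended host. */
bool accept_for_host(const struct peer_cert *c, const char *expected_host) {
    if (!c->chain_valid)
        return false;
    for (size_t i = 0; i < 4 && c->san_dns[i] != NULL; i++)
        if (san_matches(c->san_dns[i], expected_host))
            return true;
    return false;
}

int main(void) {
    const char *host = "update.vendor.example";
    printf("flawed accepts unrelated cert:   %d\n", accept_any_valid(&other_cert));
    printf("hardened accepts unrelated cert: %d\n", accept_for_host(&other_cert, host));
    printf("hardened accepts vendor cert:    %d\n", accept_for_host(&vendor_cert, host));
    return 0;
}
```

A client that pins the vendor's key or issuing CA in addition to this name check narrows the set of acceptable certificates further.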

The experts also identified three independent vulnerabilities, described as overflow errors. Two of them affect the OS recovery process, and the third affects the firmware update mechanism. All three vulnerabilities allow attackers to execute arbitrary code in the BIOS.
