June 25, 2021
According to reports, security researchers recently discovered four major vulnerabilities in BIOSConnect, a feature of Dell SupportAssist that provides firmware updates and OS recovery features.
Eclypsium researchers, the researchers behind the discovery explained that an identified problem tracked as CVE-2021-21571 led to an insecure TLS connection from BIOS to Dell along with three overflow vulnerabilities tracked as CVE-2021-21572, CVE-2021-21573 and CVE-2021-21574.
The vulnerabilities also come with a CVSS base value of 8.3/10 that allows privileged remote attackers to imitate Dell.com while taking control of the target device boot process to break OS-level security controls.
In a report shared with Bleeping Computer, the researchers from Eclypsium said: “Such an attack would enable adversaries to control the device’s boot process and subvert the operating system and higher-layer security controls. The issue affects 129 Dell models of consumer and business laptops, desktops, and tablets, including devices protected by Secure Boot and Dell Secured-core PCs.”
The researchers also gave a rough estimate of the devices exposed during the attack at about 30 million.
For more information, read the original story in Bleeping Computer.
