• Home
  • Laptops
  • Laptops News
  • Dell Releases Patch for BIOS Flaws That Put Over 30 Million Devices at Risk of Remote Attacks

Dell Releases Patch for BIOS Flaws That Put Over 30 Million Devices at Risk of Remote Attacks

The security flaws affect as many as 129 models of Dell laptops, desktops, and tablets.

Dell Releases Patch for BIOS Flaws That Put Over 30 Million Devices at Risk of Remote Attacks

Photo Credit: Reuters

Dell has released a BIOS update to patch the reported vulnerabilities

Highlights
  • Dell machines are affected by the flaws that existed in BIOSConnect
  • Eclypsium researchers reported about the vulnerabilities
  • Dell Latitude and Alienware laptops are amongst the impacted machines
Advertisement

Dell laptops, desktops, and tablets have four "severe" vulnerabilities that could let hackers take over the devices, affecting over 30 million computers. The company confirmed this and has released a patch for the vulnerability in its BIOSConnect feature. This is designed to enable remote recovery and firmware updates, but also left a door open to hackers. Dell has issued an advisory in response to the vulnerabilities and has started releasing patches for its BIOS available on all of the affected devices.

Security researchers at enterprise device security company Eclypsium discovered the vulnerabilities and researchers said that the issues affect as many as 129 types of Dell laptops, desktops, and tablets. This includes models that are meant specifically for enterprises and are protected by the Secure Boot security standard.

Dell has acknowledged the existence of all four vulnerabilities reported by the Eclypsium researchers. It has also started rolling out patches for BIOS that users can download upon their arrival. Meanwhile, the company has also advised users to disable BIOSConnect. A couple of workarounds for that have been provided on the company's support page.

"These vulnerabilities enable an attacker to remotely execute code in the pre-boot environment. Such code may alter the initial state of an operating system, violating common assumptions on the hardware/ firmware layers and breaking OS-level security controls," the researchers said. The vulnerabilities were discovered on March 2, and Dell was notified about them on March 3, according to Eclypsium.

BIOSConnect is a feature of Dell's SupportAssist remote support system, and comes pre-installed on most Windows-based Dell computers. For companies, this lets them update the firmware and perform remote OS recovery for their employee's laptops and computers. In theory, this should make the machines more secure as the enterprise is able to ensure that everyone's computers are up to date.

Researchers however found that BIOSConnect itself opened the computers up to serious security threats. Of the four vulnerabilities discovered in the preloaded feature, one that is noted as CVE-2021-21571 allows insecure connections for firmware updates.

"When attempting to connect to the backend Dell HTTP server, the TLS connection from BIOSConnect will accept any valid wildcard certificate. This allows an attacker with a privileged network position to impersonate Dell and deliver attacker-controlled content back to the victim device," the researchers explained.

The remaining three issues are classified as overflow vulnerabilities (CVE-2021-21572, CVE-2021-21573, CVE-2021-21574) that could help attackers execute arbitrary code. Two of them are found to be affecting the OS recovery process, while the other one impacts the process of updating the firmware. The researchers said that all three of these vulnerabilities are independent and any of them could be used to execute malicious code in BIOS.

Who all are affected by Dell's BIOSConnect security vulnerability?

The list of affected devices that have started getting BIOS patches includes some recently launched laptops such as the Alienware m15 R6, Dell G5 15 5500, Dell G7 (7500), Dell Inspiron 13 (5310), and the Dell Latitude 7320. There are also recent desktop models such as the OptiPlex 7090 Tower, and the OptiPlex 7780 All-in-One.

This isn't the first time Dell computers are found to be affected by security vulnerabilities. In May, Dell released a security patch for its firmware update driver module to fix as many as five high-severity flaws that had been in use since 2009. The SupportAssist tool also received a fix in 2019 for a critical flaw that had left millions of systems at risk of a privilege-escalation attack.


What were the best games at E3 2021? We discussed this on Orbital, the Gadgets 360 podcast. Orbital is available on Apple Podcasts, Google Podcasts, Spotify, Amazon Music and wherever you get your podcasts.
Affiliate links may be automatically generated - see our ethics statement for details.
Comments

For the latest tech news and reviews, follow Gadgets 360 on X, Facebook, WhatsApp, Threads and Google News. For the latest videos on gadgets and tech, subscribe to our YouTube channel. If you want to know everything about top influencers, follow our in-house Who'sThat360 on Instagram and YouTube.

Tecno Phantom X With MediaTek Helio G95 SoC, Curved 90Hz Display, 33W Fast Charging Launched: Specifications
Facebook Gadgets360 Twitter Share Tweet Snapchat LinkedIn Reddit Comment google-newsGoogle News

Advertisement

Follow Us
© Copyright Red Pixels Ventures Limited 2024. All rights reserved.
Trending Products »
Latest Tech News »