Eclypsium researchers discovered four vulnerabilities in the BiosConnect functionality of Dell computers. If exploited in series, these vulnerabilities pose a high risk. Dell was notified in March and recommends a BIOS update.
The vulnerabilities were found in Dell’s BiosConnect functionality. That is a feature of the SupportAssist software, which comes preinstalled on most Dell computers. Via BiosConnect, users can perform a recovery of the operating system and/or update the firmware of the affected computers. “The computer connects to Dell’s servers for this,” the researchers say. “In this process, we discovered a series of four vulnerabilities that could allow attackers to achieve arbitrary code execution at the BIOS level.”
According to the researchers, malicious parties can influence the operating system’s loading process and disable security mechanisms in order to remain unnoticed. They state that 129 models are at risk; according to them, that amounts to more than 30 million Dell devices. The researchers provide more information on their blog page. Full technical details will be revealed in August at the DEF CON 29 hacker conference, which will take place in Las Vegas from August 5-8.
Dell notes on a support page that it has since been able to fix two of the four vulnerabilities because they were on the server side. For the other two vulnerabilities, Dell recommends updating the BIOS of the Dell device manually, and not through the BIOSConnect software.