"BIOSConnect Code Execution Bugs Impact Millions of Dell Devices"
Eclypsium researchers have disclosed a chain of vulnerabilities in the BIOSConnect feature of Dell SupportAssist that could allow an attacker with a privileged network position to execute code at the BIOS/UEFI level of Dell machines. Dell SupportAssist handles support functions such as troubleshooting and recovery, and its BIOSConnect feature lets the firmware itself download BIOS updates and recover a corrupted OS from Dell's servers. The critical bug chain received a cumulative CVSS score of 8.3. Exploiting the flaws could let malicious actors impersonate the vendor and attack the firmware of 128 Dell laptop, tablet, and desktop models, including systems protected by Secure Boot. An attacker who abuses these flaws could take control of a device's boot process and subvert the OS and higher-layer security controls. The first issue is in TLS certificate verification: when BIOSConnect connects to Dell's backend HTTPS server, it accepts any valid wildcard certificate that chains to a root CA in its trust store, without confirming that the certificate was issued for Dell's host, so an attacker holding a wildcard certificate for an unrelated domain can impersonate Dell and deliver attacker-controlled content to the victim device. The researchers also found that some HTTPS Boot configurations use the same underlying verification code and may be exploitable in the same way. The other three vulnerabilities are overflow bugs: two affect the OS recovery process and one the firmware update mechanism. Dell has issued a security advisory and scheduled BIOS/UEFI updates for affected systems. This article continues to discuss the BIOSConnect code execution bugs affecting millions of Dell devices.
ZDNet reports "BIOSConnect Code Execution Bugs Impact Millions of Dell Devices"
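The certificate check described above, shown as an added example (this is not code from Dell, Eclypsium or ZDNet): a flawed verifier that accepts any valid wildcard certificate next to one that also requires the presented name to match the host the client meant to reach, following RFC 6125 wildcard rules. The certificate model, the placeholder hostname downloads.example-vendor.com and the sample certificates are constructed for the demo; path validation (issuer chain, expiry) is assumed to have been done elsewhere and is represented by two boolean fields.

```python
"""Weak vs. strict TLS certificate acceptance (added example, not vendor code).

Certificates are modelled as small dataclasses with constructed values so the
example runs offline. Field names and the placeholder host are assumptions.
"""
from __future__ import annotations

from dataclasses import dataclass

# Constructed placeholder for the update server; not Dell's real hostname.
EXPECTED_HOST = "downloads.example-vendor.com"


@dataclass(frozen=True)
class Cert:
    dns_names: tuple[str, ...]     # subjectAltName dNSName entries
    chains_to_trusted_root: bool   # outcome of path validation (assumed done elsewhere)
    expired: bool                  # outside notBefore/notAfter


def chain_ok(cert: Cert) -> bool:
    """Path validation only: trusted issuer chain and validity period."""
    return cert.chains_to_trusted_root and not cert.expired


def weak_accepts(cert: Cert) -> bool:
    """Flawed check modelled on the reported behaviour: any valid certificate
    that carries a wildcard name is accepted, and the name is never compared
    against the host the client intended to reach."""
    return chain_ok(cert) and any(n.startswith("*.") for n in cert.dns_names)


def name_matches(pattern: str, host: str) -> bool:
    """RFC 6125-style matching: '*' is allowed only as the entire leftmost
    label, it matches exactly one label, and at least two labels must follow
    it so a bare '*.com' cannot match every host under a TLD."""
    pattern = pattern.lower().rstrip(".")
    host = host.lower().rstrip(".")
    if "*" not in pattern:
        return pattern == host
    p_labels = pattern.split(".")
    h_labels = host.split(".")
    if p_labels[0] != "*" or "*" in pattern[2:]:
        return False                       # wildcard must be the whole first label
    if len(p_labels) < 3 or len(p_labels) != len(h_labels) or not all(h_labels):
        return False                       # one label per '*', no public-suffix wildcards
    return p_labels[1:] == h_labels[1:]


def strict_accepts(cert: Cert, expected_host: str = EXPECTED_HOST) -> bool:
    """Hardened check: path validation AND a presented name that matches the
    host the client set out to contact."""
    return chain_ok(cert) and any(name_matches(n, expected_host) for n in cert.dns_names)


# Constructed sample certificates for the demo.
VENDOR_CERT = Cert(("*.example-vendor.com",), True, False)    # legitimate wildcard
ATTACKER_CERT = Cert(("*.attacker.example",), True, False)    # valid wildcard, wrong domain
EXPIRED_CERT = Cert(("*.example-vendor.com",), True, True)    # right name, expired


def demo() -> dict[str, bool]:
    """Return each verifier's verdict so the difference is visible side by side."""
    return {
        "weak_accepts_attacker": weak_accepts(ATTACKER_CERT),
        "strict_accepts_attacker": strict_accepts(ATTACKER_CERT),
        "strict_accepts_vendor": strict_accepts(VENDOR_CERT),
        "strict_accepts_expired": strict_accepts(EXPIRED_CERT),
    }


if __name__ == "__main__":
    for check, verdict in demo().items():
        print(f"{check}: {verdict}")
```

The weak verifier passes the attacker's certificate because every test it applies (trusted chain, not expired, wildcard present) is satisfied by a certificate for any domain; only the strict verifier ties acceptance to the host the firmware actually meant to download from.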