Dell BIOSConnect code execution bugs affect millions of devices

The BIOSConnect feature of Dell SupportAssist has four critical security vulnerabilities that allow attackers to remotely execute code in the BIOS of vulnerable devices.

 

Most Dell computers running Windows come with the SupportAssist software preloaded, while BIOSConnect offers remote firmware updates and OS recovery.

 

 

 

Eclypsium researchers discovered the flaws, which have a CVSS base score of 8.3/10.

 

The flaws allow privileged remote attackers to impersonate Dell.com and gain control of the target device’s boot process, allowing them to bypass OS-level security mechanisms.

 

According to the researchers, such an exploit would allow threat actors to take control of the device’s boot process, as well as corrupt the operating system and higher-layer security mechanisms.

 

The issue affects 129 models of Dell laptops, desktops, and tablets for consumers and businesses, including devices protected by Secure Boot and Dell Secured-core PCs. Around 30 million devices are vulnerable to cyber-attacks.

 

 

 

Source: Eclypsium

 

 

 

One vulnerability, tracked as CVE-2021-21571, results in an insecure TLS connection between the BIOS and Dell.

 

The other three are overflow vulnerabilities (CVE-2021-21572, CVE-2021-21573, and CVE-2021-21574): two affect the OS recovery procedure and the third affects the firmware update process.

 

Each of the three flaws is distinct, and each one might result in arbitrary code execution in the BIOS.

 

For all affected devices, users must upgrade the system BIOS/UEFI.

 

The researchers also suggest that users apply BIOS updates on their devices via a means other than SupportAssist’s BIOSConnect capability.

 

On Dell.com, Dell is offering BIOS/UEFI updates for affected systems, as well as updates to affected executables.

 

On May 28, 2021, the vulnerabilities CVE-2021-21573 and CVE-2021-21574 were patched on the server side. However, to fully fix the CVE-2021-21571 and CVE-2021-21572 vulnerabilities, Dell Client BIOS updates are required.

 

Users who are unable to update their systems immediately should disable BIOSConnect via the BIOS setup page or the Dell Command | Configure (DCC) Remote System Management tool.

 

 
