- #Dell support assist download update
- #Dell support assist download code
- #Dell support assist download download
- #Dell support assist download windows
SupportAssist was again patched one year later, in February 2020, to address a security flaw due to a DLL search-order hijacking bug that enabled local attackers to execute arbitrary code with Administrator privileges on vulnerable devices.
#Dell support assist download download
Security researcher Tom Forbes found a similar RCE flaw in the Dell System Detect software in 2015, allowing attackers to trigger the buggy program to download and execute arbitrary files without user interaction. This RCE allowed unauthenticated attackers on the same Network Access layer with targeted systems to remotely execute arbitrary executables on unpatched devices. Two years ago, in May 2019, the company patched another high-severity SupportAssist remote code execution (RCE) vulnerability caused by an improper origin validation weakness and reported by security researcher Bill Demirkapi in 2018.
This is not the first time owners of Dell computers have been exposed to attacks by security vulnerabilities found in the SupportAssist software.
#Dell support assist download update
"This combination of remote exploitability and high privileges will likely make remote update functionality an alluring target for attackers in the future, and organizations should make sure to monitor and update their devices accordingly." Dell software plagued by critical flaws "The specific vulnerabilities covered here allow an attacker to remotely exploit the UEFI firmware of a host and gain control over the most privileged code on the device," the researchers concluded. Users who cannot immediately update their systems can disable BIOSConnect from the BIOS setup page or using the Dell Command | Configure (DCC)'s Remote System Management tool. However, the CVE-2021-21571 and CVE-2021-21572 vulnerabilities require Dell Client BIOS updates to be fully addressed. The researchers also recommend using an alternate method other than the SupportAssist's BIOSConnect feature to apply BIOS updates on their devices.ĭell is providing BIOS/UEFI updates for impacted systems and updates to affected executables on .ĬVE-2021-21573 and CVE-2021-21574 don't require require additional customer action as they were addressed server side on May 28, 2021. Users advised not to use BIOSConnect for updating their BIOSĪccording to Eclypsium, users will have to update the system BIOS/UEFI for all affected systems.
"All three vulnerabilities are independent, and each one could lead to arbitrary code execution in BIOS."Īdditional info on the vulnerabilities can be found in Eclypsium's report and the complete list of affected device models in Dell's advisory. Two of the overflow security flaws "affect the OS recovery process, while the other affects the firmware update process," Eclypsium says. The reasearchers identified one issue leading to an insecure TLS connection from BIOS to Dell (tracked as CVE-2021-21571) and three overflow vulnerabilities (CVE-2021-21572, CVE-2021-21573, and CVE-2021-21574). "The issue affects 129 Dell models of consumer and business laptops, desktops, and tablets, including devices protected by Secure Boot and Dell Secured-core PCs," with roughly 30 million individual devices exposed to attacks. "Such an attack would enable adversaries to control the device's boot process and subvert the operating system and higher-layer security controls," Eclypsium researchers explain in a report shared in advance with BleepingComputer. The chain of flaws discovered by Eclypsium researchers comes with a CVSS base score of 8.3/10 and enables privileged remote attackers to impersonate and take control of the target device's boot process to break OS-level security controls.
#Dell support assist download windows
Security researchers have found four major security vulnerabilities in the BIOSConnect feature of Dell SupportAssist, allowing attackers to remotely execute code within the BIOS of impacted devices.Īccording to Dell's website, the SupportAssist software is "preinstalled on most Dell devices running Windows operating system," while BIOSConnect provides remote firmware update and OS recovery features.
0 kommentar(er)
