{"id":124274,"date":"2021-06-25T19:22:58","date_gmt":"2021-06-26T02:22:58","guid":{"rendered":"https:\/\/lifeboat.com\/blog\/2021\/06\/vulnerabilities-in-dell-laptops-software-allow-hackers-to-execute-code-remotely-in-millions-of-devices"},"modified":"2021-06-25T19:22:58","modified_gmt":"2021-06-26T02:22:58","slug":"vulnerabilities-in-dell-laptops-software-allow-hackers-to-execute-code-remotely-in-millions-of-devices","status":"publish","type":"post","link":"https:\/\/lifeboat.com\/blog\/2021\/06\/vulnerabilities-in-dell-laptops-software-allow-hackers-to-execute-code-remotely-in-millions-of-devices","title":{"rendered":"Vulnerabilities in Dell laptops\u2019 software allow hackers to execute code remotely in millions of devices"},"content":{"rendered":"<p><\/p>\n<p><iframe style=\"display: block; margin: 0 auto; width: 100%; aspect-ratio: 4\/3; object-fit: contain;\" src=\"https:\/\/www.youtube.com\/embed\/CeYLyeWhi4E?feature=oembed\" frameborder=\"0\" allow=\"accelerometer; autoplay; encrypted-media; gyroscope;\n   picture-in-picture\" allowfullscreen><\/iframe><\/p>\n<p>Cybersecurity experts reported the detection of at least four flaws in <strong><a href=\"https:\/\/www.securitynewspaper.com\/2020\/12\/03\/dell-is-sued-for-customer-data-leaking-that-resulted-in-years-of-fraudulent-calls\/\" target=\"_blank\" rel=\"noreferrer noopener\">Dell<\/a> SupportAsist\u2019s<\/strong> <strong>BIOSConnect<\/strong> feature, the exploitation of which would allow threat actors to deploy remote code to affected devices. It should be noted that this software is preinstalled by default on most Dell computers running Windows systems, and BIOSConnect allows remote firmware update and some operating system recovery features.<\/p>\n<p>This set of flaws received a score of 8.3\u00f710 on the <strong>Common Vulnerability Scoring System <a href=\"https:\/\/www.securitynewspaper.com\/2021\/06\/23\/buffer-overflow-and-code-injection-vulnerabilities-in-codesys\/\" target=\"_blank\" rel=\"noreferrer noopener\">(CVSS)<\/a><\/strong> scale, and its exploitation would allow privileged remote hackers on the target system to impersonate an official Dell service in order to take control of the operating system boot process and thus break any security controls enabled. So far no active exploitation attempts or a functional attack have been detected for the abuse of these flaws.<\/p>\n<p>The report was presented by security firm Eclypsium, whose researchers say the problem lies in at least 129 Dell devices, including desktops, laptops and electronic tablets used by nearly 130 million users worldwide.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Cybersecurity experts reported the detection of at least four flaws in Dell SupportAsist\u2019s BIOSConnect feature, the exploitation of which would allow threat actors to deploy remote code to affected devices. It should be noted that this software is preinstalled by default on most Dell computers running Windows systems, and BIOSConnect allows remote firmware update and [\u2026]<\/p>\n","protected":false},"author":427,"featured_media":0,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[34],"tags":[],"class_list":["post-124274","post","type-post","status-publish","format-standard","hentry","category-cybercrime-malcode"],"_links":{"self":[{"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/posts\/124274","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/users\/427"}],"replies":[{"embeddable":true,"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/comments?post=124274"}],"version-history":[{"count":0,"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/posts\/124274\/revisions"}],"wp:attachment":[{"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/media?parent=124274"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/categories?post=124274"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/tags?post=124274"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}