Dell Boot Recovery Remote Code Execution (RCE)

TLP White

Dell Boot Recovery Remote Code Execution (RCE) Vulnerability Impacts Millions of Devices

Finished Intelligence Reports Jun 24, 2021, 09:19 AM

Eclypsium security researchers have discovered a vulnerability in the Dell BIOSConnect feature available on at least 180 models of consumer and business laptops, desktops, and tablets, including devices protected by Secure Boot and Secured-core PCs. This undesignated vulnerability has a calculated CVSS score of 8.3 (High) and potentially impacts millions of devices. The vulnerability can enable an attacker to remotely execute code in the pre-boot environment. Such code may alter the initial state of an operating system, potentially violating common assumptions about the hardware/firmware layers and breaking OS-level security controls.

 

Read the report in its entirety below:

Dell Boot Recovery Remote Code Execution (RCE) Vulnerability Impacts Millions of Devices (PDF): https://h-isac.org/tmp24/wp-content/uploads/2021/06/Dell-Boot-Recovery-Remote-Code-Execution-RCE-Vulnerability-Impacts-Millions-of-Devices.pdf
