QID 375659

Date Published: 2021-06-28

QID 375659: Dell Client Platform BIOSConnect and HTTPS Boot Multiple Vulnerabilities (DSA-2021-106)

The Dell BIOSConnect feature is a Dell preboot solution that is used to update system BIOS and recover the operating system (OS) using the SupportAssist OS Recovery on Dell Client platforms.
The Dell HTTPS Boot feature is an extension to UEFI HTTP Boot specifications to boot from an HTTP(S) Server.

The Dell UEFI BIOS HTTPS stack, which is used by both the Dell BIOSConnect feature and the Dell HTTPS Boot feature, contains an improper certificate validation vulnerability. A remote unauthenticated attacker may exploit this vulnerability through a person-in-the-middle attack, which may lead to a denial of service and payload tampering.
The Dell BIOSConnect feature also contains a buffer overflow vulnerability. An authenticated malicious admin user with local access to the system may potentially exploit this vulnerability to run arbitrary code and bypass UEFI restrictions.

Successful exploitation allows an attacker to execute arbitrary code.

  • CVSS V3 rated as High - 7.5 severity.
  • CVSS V2 rated as High - 6.9 severity.
  • Solution
    Customers are advised to update the BIOS to the latest version. Refer to DSA-2021-106 for more information.
  • Workaround
    Customers may disable the BIOSConnect feature.
    Customers may disable the HTTPS Boot feature.

CVEs related to QID 375659

Software Advisories
Advisory ID: DSA-2021-106
Link: www.dell.com/support/kbdoc/en-us/000188682/dsa-2021-106-dell-client-platform-security-update-for-multiple-vulnerabilities-in-the-supportassist-biosconnect-feature-and-https-boot-feature