Millions of Inspiron, Vostro, XPS, and Alienware Systems affected by new Dell BIOS Bugs

New vulnerabilities in Dell BIOS, including some that might be exploited to execute code on affected computers, have been discovered by researchers. There are five high-severity vulnerabilities, tracked as CVE-2022-24415, CVE-2022-24416, CVE-2022-24420, and CVE-2022-24421, that require utmost attention.


Firmware security company Binarly, which found three of the vulnerabilities, claims that active exploitation of all of the reported weaknesses cannot be detected by firmware integrity monitoring solutions due to restrictions in the Trusted Platform Module (TPM) measurement. By the same explanation, technical limitations prevent remote device health attestation solutions from detecting systems that have been infected.

At the same time, the reported flaws have an effect on the System Management Mode (SMM) of the firmware, allowing locally authenticated attackers to exploit system management interrupt (SMI) vulnerabilities to gain arbitrary code execution.

The term “System Management Mode” refers to a special-purpose CPU mode in x86 microcontrollers that is meant for handling system-wide functions such as power management, hardware control, and thermal monitoring, and for running other proprietary manufacturer-developed code.

At runtime, whenever one of these operations is requested, a non-maskable system management interrupt (SMI) is raised and the SMM code installed by the BIOS is executed. Persistent firmware implants can be easily deployed using SMM code since it runs at the highest privilege level and is completely invisible to the operating system.

Researchers at Binarly explain that, as more and more flaws are found, they point to “repeatable failures” in input sanitization or insecure coding practices in general. A complex codebase, or support for legacy components that have received less attention but are still widely deployed in the field, is to blame for these issues. In many circumstances, the same vulnerability can be addressed many times, yet the attack surface’s complexity leaves open holes for malicious exploitation.
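As an added illustration (not Dell's or Binarly's code, and not a description of the specific CVEs above), the following user-space C model shows one common form of the input-sanitization failure class in SMI handlers: checking that a caller-supplied buffer lies outside SMRAM. The SMRAM range, the request layout and all function names are constructed for this example; it goes beyond what the article states by showing the integer-wraparound edge case that a naive range check misses.

```c
#include <stdbool.h>
#include <stdint.h>

/* Constructed SMRAM window for this model (hypothetical values). */
#define SMRAM_BASE 0x7F000000ULL
#define SMRAM_SIZE 0x00800000ULL
#define SMRAM_END  (SMRAM_BASE + SMRAM_SIZE)   /* exclusive */

/* Naive check: addr + len can wrap past 2^64, so a range that starts
   inside SMRAM may appear to end below SMRAM_BASE and be accepted. */
bool naive_outside_smram(uint64_t addr, uint64_t len) {
    return addr + len <= SMRAM_BASE || addr >= SMRAM_END;
}

/* Hardened check: reject empty and wrapping ranges first, then require
   [addr, addr + len) to lie entirely below or entirely above SMRAM. */
bool buffer_outside_smram(uint64_t addr, uint64_t len) {
    if (len == 0)
        return false;
    if (addr > UINT64_MAX - len)       /* addr + len would wrap */
        return false;
    uint64_t end = addr + len;         /* exclusive end, cannot wrap now */
    return end <= SMRAM_BASE || addr >= SMRAM_END;
}

typedef enum { SMI_OK = 0, SMI_INVALID_PARAMETER = 1 } smi_status;

/* Hypothetical request structure filled in by the OS-side caller. */
typedef struct {
    uint64_t out_addr;   /* where the handler should write its result */
    uint64_t out_len;    /* size of that buffer in bytes */
} smi_request;

/* Model of a handler entry point: validate before touching memory. */
smi_status smi_handler_checked(const smi_request *req) {
    /* Copy the fields once so the validated values are the ones used,
       even if the caller rewrites the shared buffer afterwards. */
    smi_request local = *req;
    if (!buffer_outside_smram(local.out_addr, local.out_len))
        return SMI_INVALID_PARAMETER;
    /* A real handler would write its result to local.out_addr here. */
    return SMI_OK;
}
```

Firmware built on EDK II has a library routine for this purpose (`SmmIsBufferOutsideSmmValid`); the model above only shows why the overflow and single-copy steps matter.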

Dell has advised its customers to upgrade their BIOS as soon as possible on Alienware, Inspiron, Vostro, and Edge Gateway 3000 Series computers in response to the vulnerability disclosure.

About the author

Lidia Howler

Lidia is a web content creator with years of experience in the cyber-security sector. She helps readers with articles on malware removal and online security. Her striving for simplicity and well-researched information provides users with easy-to-follow IT-related tips and step-by-step tutorials.

HowToRemove.Guide © 2024. All Rights Reserved.
