Dell BIOSConnect feature contains a buffer overflow vulnerability. An authenticated malicious admin user with local access to the system may potentially exploit this vulnerability to run arbitrary code and bypass UEFI restrictions.
And it affects 129 models of PC and laptop... or about 30 million computers Votes cast on this argument
A chain of four vulnerabilities in Dell's SupportAssist remote firmware update utility could let malicious people run arbitrary code in no fewer than 129 different PCs and laptops models – while impersonating Dell to remotely upload a tampered BIOS. A remote BIOS reflasher built into a pre-installed Dell support tool, SupportAssist, would accept "any valid wildcard certificate" from a pre-defined list of certificate authorities, giving attackers a vital foothold deep inside targeted machines â...
And it affects 129 models of PC and laptop... or about 30 million computers
A chain of four vulnerabilities in Dell's SupportAssist remote firmware update utility could let malicious people run arbitrary code in no fewer than 129 different PCs and laptops models – while impersonating Dell to remotely upload a tampered BIOS. A remote BIOS reflasher built into a pre-installed Dell support tool, SupportAssist, would accept "any valid wildcard certificate" from a pre-defined list of certificate authorities, giving attackers a vital foothold deep inside targeted machines â...