Computer hardware giant Dell disclosed four high-impact vulnerabilities today that let an attacker inject arbitrary code during the pre-boot process and bypass security controls.
The vulnerabilities, discovered by security researchers at Eclypsium, lie in the BIOSConnect feature within Dell Client BIOS and affect 30 million devices across 128 different Dell models, including laptops, desktops and tablets.
None of the four vulnerabilities rate higher than a 7.2 individually on the CVSS scale, but when chained together, their cumulative severity rating bumps up to an 8.3. Such scoring is not always the best way to measure a vulnerability’s potential impact, but it demonstrates how using these flaws in tandem can make them even more dangerous.
In a security advisory, Dell said two of the vulnerabilities have already been fixed on the server side on May 28, while the other two will require customers to patch their devices. Those patches are already available.
“For those that cannot apply BIOS updates immediately, Dell has also provided an interim mitigation to disable the BIOSConnect and HTTPS Boot features,” the company said.
The entry-point vulnerability, weak certificate verification in BIOSConnect, allows an attacker to impersonate Dell and send attacker-controlled code to the device.
From there, they can use three other overflow vulnerabilities (two of which affect the operating system recovery process and another that impacts the firmware updating process), all three of which allow arbitrary code execution in BIOS that bypasses security controls during the boot process.
Eclypsium researchers noted a caveat: the attacker would first need a privileged network position in order to exploit the chain.
Successfully exploiting the vulnerabilities “would require an attacker to be able to redirect the victim’s traffic, such as via a Machine-in-the-Middle (MITM) attack,” Eclypsium wrote. “However, the virtually unlimited control over a device that this attack can provide makes it worth the effort by the attacker.”
In an interview, Eclypsium researchers Jesse Michael and Mickey Shkatov said the initial foothold in the form of privileged access is not very difficult to come by, and the certificate authority they used to get that access was a bargain, costing about $70 Euros. You also don’t need to specifically spoof Dell, because the TLS connection will accept any valid certificate.
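The identity-check gap described above, a client that accepts any CA-issued certificate no matter whom it was issued to, as an added example that is not Dell's or Eclypsium's code: a throwaway PKI is built in memory, and the same attacker-held certificate is validated with and without a hostname check. The CA and host names are constructed assumptions.

```go
package main

import (
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/x509"
	"crypto/x509/pkix"
	"math/big"
	"time"
)

// mintCert issues a cert for host, signed by parent (self-signed when parent is nil); constructed test PKI only.
func mintCert(host string, isCA bool, parent *x509.Certificate, parentKey *ecdsa.PrivateKey) (*x509.Certificate, *ecdsa.PrivateKey) {
	key, _ := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
	tmpl := &x509.Certificate{
		SerialNumber:          big.NewInt(time.Now().UnixNano()),
		Subject:               pkix.Name{CommonName: host},
		DNSNames:              []string{host}, // the name this certificate is valid for
		NotBefore:             time.Now().Add(-time.Hour),
		NotAfter:              time.Now().Add(24 * time.Hour),
		KeyUsage:              x509.KeyUsageDigitalSignature | x509.KeyUsageCertSign,
		ExtKeyUsage:           []x509.ExtKeyUsage{x509.ExtKeyUsageServerAuth},
		BasicConstraintsValid: true,
		IsCA:                  isCA,
	}
	if parent == nil {
		parent, parentKey = tmpl, key
	}
	der, _ := x509.CreateCertificate(rand.Reader, tmpl, parent, &key.PublicKey, parentKey)
	cert, _ := x509.ParseCertificate(der)
	return cert, key
}

// accepted mimics a TLS client's chain validation against one trusted root. An empty expectedHost
// skips the identity check, so any cert chaining to a trusted CA passes: the weak behaviour described above.
func accepted(leaf, root *x509.Certificate, expectedHost string) bool {
	pool := x509.NewCertPool()
	pool.AddCert(root)
	_, err := leaf.Verify(x509.VerifyOptions{Roots: pool, DNSName: expectedHost})
	return err == nil
}

// Compare returns (weakAttacker, strictAttacker, strictLegit) for an attacker cert validly issued by the trusted CA.
func Compare() (bool, bool, bool) {
	root, rootKey := mintCert("root-ca.test", true, nil, nil)
	legit, _ := mintCert("update.vendor.test", false, root, rootKey) // hypothetical update host
	attacker, _ := mintCert("attacker.test", false, root, rootKey)   // valid cert, wrong identity
	return accepted(attacker, root, ""), accepted(attacker, root, "update.vendor.test"), accepted(legit, root, "update.vendor.test")
}
```

The weak check (no expected host) accepts the attacker's certificate, the strict check rejects it, and the legitimate host still passes the strict check.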
“Some people have the impression that a privileged network position means you need to hack the internal network of the target, and that’s actually not the case,” Michael said. “Basically any step along the path from the target to Google or the target and Dell is an opportunity to pull off this kind of attack.”
Michael and Shkatov have a deep background researching vulnerabilities that exploit weaknesses in the secure booting process. Last year, they helped discover BootHole, another damaging vulnerability targeting weak certificate verification to attack the booting process and bypass OS security controls, that impacted billions of Linux-based devices.
They said BIOS security and firmware security in general have lagged behind OS application security, where vulnerabilities can be sandboxed, outside code or shells can be blocked from certain points on the stack, and security cookies can be used to protect against buffer overflow attacks. Traditionally there have been usability tradeoffs that made these kinds of attacks harder to pull off, but that is starting to change.
“On the one hand, it is easier from an exploit perspective to get lower in the stack and get execution for an attacker, on the other hand the lower you get into the stack, the less usability you have compared to traditional operating systems,” said Shkatov. However, as you see with this Dell feature, there is more and more usability being added to the lower levels of the stack, giving attackers more and more access, more ease of exploitation.
See Dell’s advisory for a complete list of affected products.