Rewterz Threat Alert – DanaBot Trojan – Active IOCs
June 24, 2021Rewterz Threat Advisory – ICS: Johnson Controls exacqVision
June 25, 2021Rewterz Threat Alert – DanaBot Trojan – Active IOCs
June 24, 2021Rewterz Threat Advisory – ICS: Johnson Controls exacqVision
June 25, 2021Severity
High
Analysis Summary
CVE-2021-21571
Dell SupportAssist is vulnerable to a denial of service, caused by an improper certificate validation vulnerability in the UEFI BIOS HTTPS stack leveraged by the Dell BIOSConnect feature and Dell HTTPS Boot feature. By using man-in-the-middle attack techniques, an attacker could exploit this vulnerability to tamper with the payload and cause a denial of service.
CVE-2021-21572, CVE-2021-21573, CVE-2021-21574
Dell SupportAssist is vulnerable to a buffer overflow, caused by improper bounds checking by the BIOSConnect feature. By sending an overly long argument, a locally authenticated attacker from within the local network could overflow a buffer and execute arbitrary code on the system, and bypass UEFI restrictions.
Impact
- Gain Access
- Denail od Service
Affected Vendors
Dell
Affected Products
Dell SupportAssist
Remediation
Refer to Dell DSA Identifier: DSA-2021-106 for the patch, upgrade, or suggested workaround information. https://www.dell.com/support/kbdoc/en-pk/000188682/dsa-2021-106-dell-client-platform-security-update-for-multiple-vulnerabilities-in-the-supportassist-biosconnect-feature-and-https-boot-feature