BIOS Disconnect - New Research from Eclypsium

Presented by

John Loucaides, VP Federal Technology, Eclypsium

About this talk

Eclypsium researchers have identified multiple vulnerabilities affecting the BIOSConnect feature within Dell Client BIOS. This chain of vulnerabilities has a cumulative CVSS score of 8.3 (High) because it allows a privileged network adversary to impersonate Dell.com and gain arbitrary code execution at the BIOS/UEFI level of the affected device. Such an attack would enable adversaries to control the device’s boot process and subvert the operating system and higher-layer security controls. The issue affects 128 Dell models of consumer and business laptops, desktops, and tablets, including devices protected by Secure Boot and Dell Secured-core PCs. In this webinar, we will discuss the significant risks this poses to the integrity of these devices, and what steps can be taken to mitigate this threat.

Eclypsium is the industry’s leading IT and AI Infrastructure Supply Chain Security company. Eclypsium defends enterprises and government agencies from vulnerabilities and supply chain threats hidden within hardware and firmware that traditional EDR and VM solutions miss.