BIOS Disconnect - New Research from Eclypsium

Presented by

John Loucaides, VP Federal Technology, Eclypsium

About this talk

Eclypsium researchers have identified multiple vulnerabilities affecting the BIOSConnect feature within Dell Client BIOS. This chain of vulnerabilities has a cumulative CVSS score of 8.3 (High) because it allows a privileged network adversary to impersonate Dell.com and gain arbitrary code execution at the BIOS/UEFI level of the affected device. Such an attack would enable adversaries to control the device’s boot process and subvert the operating system and higher-layer security controls. The issue affects 128 Dell models of consumer and business laptops, desktops, and tablets, including devices protected by Secure Boot and Dell Secured-core PCs. In this webinar, we will discuss the significant risks this poses to the integrity of these devices, and what steps can be taken to mitigate this threat.

Related topics:

More from this channel

Upcoming talks (0)
On-demand talks (50)
Subscribers (3094)
Eclypsium is the industry’s leading enterprise firmware protection platform - providing a new layer of security to protect your IT infrastructure from firmware attacks. Eclypsium defends enterprises and government agencies from vulnerabilities and threats hidden within firmware that are invisible to most organizations today.