News, news analysis, and commentary on the latest trends in cybersecurity technology.

Binarly Coordinates Patches for 3 Firmware Flaws With Dell

The latest three memory corruption flaws in Dell BIOS highlights the challenges of fixing firmware vulnerabilities.

Dark Reading Staff, Dark Reading

March 21, 2022

2 Min Read
a single computer chip on a board.
Source: Edelweiss via Adobe Stock Photo

Firmware security company Binarly has discovered three new arbitrary code execution vulnerabilities in the System Management Mode components on Dell devices. All three memory corruption flaws in Dell BIOS have been assigned "high" severity ratings and a score of 8.2 on the Common Vulnerability Score System (CVSS).

Running SMM bypasses built-in protections against modifications, which means attackers could potentially install firmware backdoors into the BIOS. The security issues, if exploited, could also be used to bypass the controls in the Unified Extensible Firmware Interface (UEFI) firmware ecosystem (the software interface between the system's operating system and platform firmware) such as Secure Boot and memory isolating for hypervisors.

According to Binarly, exploitation can allow a locally authenticated user to elevate privileges and execute arbitrary code in SMM to install modified firmware or backdoors. Once the firmware has been modified, detecting and removing the malicious code becomes more difficult, Binarly notes.

Affected devices include Dell Edge Gateway 3000 and Dell Inspiron 15 Gaming 7567, Binarly says. Dell has updated the BIOS to address the issues (CVE-2022-24420, CVE-2022-24421, CVE-2022-24419), and organizations are encouraged to download and update "at the earliest opportunity."

The latest vulnerability announcement comes just a month after Binarly's security research team managed the coordinated disclosure of 16 high severity vulnerabilities in HP devices and 23 issues impacting major enterprise vendors.

Binarly refers to all these vulnerabilities as "repeatable failures" because of the lack of input sanitization and insecure coding practices. The complexity of the codebase and the widespread adoption makes it difficult to completely address the issues as they are found. The complexity of the firmware supply chain leads to "an almost infinite source of vulnerabilities," Binarly says in its blog post discussing the latest flaws.

"In many cases, the same vulnerability can be fixed over multiple iterations, and still, the complexity of the attack surface leaves open gaps for malicious exploitation," Binarly says.

About the Author

Dark Reading Staff

Dark Reading

Dark Reading is a leading cybersecurity media site.

Keep up with the latest cybersecurity threats, newly discovered vulnerabilities, data breach information, and emerging trends. Delivered daily or weekly right to your email inbox.

You May Also Like


More Insights