Dell laptops and desktops were found to be vulnerable due to a bug in the Utility driver component that was detected by security researchers at Sentinel Labs.

Dell Systems Vulnerable:

It was also provided by the Sentinel Labs researchers that the bug left over a million Dell Laptops and systems vulnerable to severe cybersecurity concerns.

The experts are also of the opinion that the security vulnerability had the potential to initiate a slew of hacker attacks, including a total system takeover attack.

Detailing the vulnerability, it was found that was the security flaw was existent in the Dell BIOS Utility Driver, called DBUtil.

Also read,

Why was the Dell bug persistent?

According to the security experts who found the security hole on the Dell systems, it could have facilitated threat actors to gain unauthorized access to the target laptops and system.

A BIOS updates delivery module on Dell laptops and desktops which is a part of the DBUtil driver was found riddled with a total of five flaws.

Of these five security flaws, two were a consequence of corrupted memory glitches, two were due to input validation failures and the last was a result of logical failure.

Perilous implications of exploitation:

Subsequently, collective exploitation of these flaws could lead to concerning hacker attacks and malicious system takeover scenarios.

Another precarious attack scenario due to the bug exploitation is privilege escalation.

A malicious actor could exploit the bug to obtain admin-level access to a target Dell system or laptop. Once access is obtained, they could possibly have installed malware deep inside the system so as to lock a user out of his own machine.

Sentinel Labs experts detailed that the Dell BIOS Utility server could be requested by any service to obtain high-level system permissions.

Device systems vulnerable for years:

Apparently, the bug was persistent in their systems since 2009, as was noted by the security experts.

It was also provided that the shortcoming of the driver was due to the absence of an ‘access control list’. Such lists help restrict non-admin level apps from gaining high-level system access for important tasks.

But since that has not been used by Dell, the exposed function control could provide a hacker with such high-level system access.

Currently, there have been no reported cases of exploitation of the security vulnerability.

However, Dell has addressed a vulnerability and published a security patch for it, which it was alerted about back in December 2020.