A buffer overflow vulnerability has been identified in the Dell BIOSConnect feature, which allows users to update their BIOS firmware from the cloud. An authenticated malicious admin user with local access to the system may potentially exploit this vulnerability to run arbitrary code and bypass UEFI restrictions, such as Secure Boot and BitLocker. This could compromise the system security and integrity. Dell recommends customers to update their BIOS firmware to the latest version from the official Dell website as soon as possible to prevent any potential exploitation. Customers can find out more details on CVE-2021-21574.
