A new critical security vulnerability has been discovered in Dell laptops, and attackers are only a few steps away from being able to exploit the flaw for their own gain.
The security flaw comes hot on the heels of a recently detected weak digital certificate in a Dell laptop, and the problem appears to be growing into a larger attack surface for hackers. According to Duo Security, the company that discovered the vulnerability, the problem originates from PCs shipped by Dell that contain a self-signed root digital certificate.
The digital certificate, called eDellRoot, is meant to secure data flows with encryption. For reasons that remain unclear, however, Dell also installed the certificate's private key alongside the root certificate, which makes it easy for anyone with modest technical skill to create forged digital certificates signed by it.
As a result, attackers can set up malicious websites and make them appear legitimate by presenting certificates signed with the leaked key. The implications of this critical flaw go further: there is a strong possibility that attackers could also mount a man-in-the-middle attack to snoop on data transmitted between a server and a user.
According to Dell, it plans to release a guide to help users who have purchased a Dell PC remove the certificate and its private key from their system. The problem affects, for the most part, the Dell Inspiron 14 laptop, according to the security researchers who investigated the issue.
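Until Dell's removal guide is available, an administrator can at least check whether an affected machine carries the certificate and, more importantly, its private key. The PowerShell below is an added example and is not Dell's procedure or code from Duo Security's research; it assumes the certificate was installed into the LocalMachine Trusted Root Certification Authorities store (`Cert:\LocalMachine\Root`) and that its subject contains the name `eDellRoot`, so adjust the store path and name pattern if an inventory shows otherwise. The `Find-SuspectRootCert` and `Remove-SuspectRootCert` function names are the example's own.

```powershell
# Added example (not from the article, Dell, or Duo Security): inspect the
# Windows trusted-root store for an eDellRoot certificate and report whether
# its private key is present on the endpoint.
# Assumptions: the certificate lives in Cert:\LocalMachine\Root and its
# subject contains "eDellRoot". Both are parameters so they can be changed.

function Find-SuspectRootCert {
    param(
        [string]$NamePattern = 'eDellRoot',
        [string]$StorePath   = 'Cert:\LocalMachine\Root'
    )

    Get-ChildItem -Path $StorePath |
        Where-Object { $_.Subject -like "*$NamePattern*" } |
        ForEach-Object {
            [pscustomobject]@{
                Subject       = $_.Subject
                Thumbprint    = $_.Thumbprint
                # A root certificate is self-signed when issuer and subject match.
                SelfSigned    = ($_.Subject -eq $_.Issuer)
                # The actual defect: a trusted root whose private key is on this machine.
                HasPrivateKey = $_.HasPrivateKey
                NotAfter      = $_.NotAfter
                Path          = $_.PSPath
            }
        }
}

function Remove-SuspectRootCert {
    param(
        [Parameter(Mandatory)] [string]$Thumbprint,
        [string]$StorePath = 'Cert:\LocalMachine\Root'
    )

    $cert = Get-ChildItem -Path $StorePath | Where-Object { $_.Thumbprint -eq $Thumbprint }
    if (-not $cert) {
        Write-Warning "No certificate with thumbprint $Thumbprint found in $StorePath"
        return
    }
    # Needs an elevated session. -DeleteKey also removes the associated private key
    # from the key store, which is the part that actually matters here.
    Remove-Item -Path $cert.PSPath -DeleteKey
}

# Report first; removal is a separate, deliberate step.
$hits = Find-SuspectRootCert
if ($hits) {
    $hits | Format-Table -AutoSize
    $hits | Where-Object HasPrivateKey | ForEach-Object {
        Write-Warning "Trusted root '$($_.Subject)' ($($_.Thumbprint)) has its private key on this machine."
    }
    # To remove a reported certificate and its key, run e.g.:
    #   Remove-SuspectRootCert -Thumbprint <thumbprint from the table above>
} else {
    Write-Host "No certificate matching 'eDellRoot' found in Cert:\LocalMachine\Root."
}
```

Run the report from an elevated PowerShell prompt so the machine store is readable. The name-pattern search is only a first pass: because the page notes that other models may ship similar keys, a fleet-wide inventory should also record every self-signed certificate in the root store that reports `HasPrivateKey = True`, regardless of its subject, and compare thumbprints across machines, since the same thumbprint appearing on many devices is exactly the shared-key condition the article describes. Checking `Cert:\CurrentUser\Root` with the same functions (pass `-StorePath`) covers per-user installs.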
To check whether the certificate had already been used, at least to set up spoofed websites, the researchers performed a thorough scan of the Web with the help of Censys, which provided the tooling to survey Internet-facing systems for hosts that may have used eDellRoot to encrypt their traffic.
So far, the scan has not turned up any websites using the eDellRoot certificate under investigation. It did, however, find a couple of Internet Protocol addresses serving a self-signed root certificate with an eDellRoot digital fingerprint, although that certificate is quite different from the one in question.
So it appears that the Inspiron 14 is not the only affected laptop: Dell may also have shipped other models that contain similar cryptographic keys. A basic rule of key management is that no two devices should share the same private key, and Dell failed in a major way to take that into account and to uphold security for its vast customer base.