Dell security updates: BIOS and NetWorker vulnerability closed
Attackers can attack Dell PCs and software. In the worst case scenario, malicious code can get onto devices. However, a patch is not yet available.
(Image: Artur Szczybylo/Shutterstock.com)
Various computer models from Dell, such as the Alienware and Inspiron series, can be attacked via a BIOS vulnerability. Attackers can also attack PCs with the NetWorker backup solution. However, not all security updates are currently available for download.
The vulnerabilities
According to a warning message, attackers must already have high user rights and local access to exploit the vulnerability (CVE-2024-52541). Despite this hurdle, the threat level for this vulnerability is “high”. If the requirements are met, they can extend their rights. Dell lists the BIOS issues secured against this in the warning message.
The vulnerability (CVE-2025-21103 “high”) in NetWorker can be used by local attackers without authentication to push and execute malicious code on systems. Version 19.10.0.7 is equipped against this. The security update for version 19.11 will follow in March, the developers announced in a post.
Videos by heise
It is currently not known how attacks could actually take place in both cases. So far, there have been no reports of attackers exploiting the vulnerabilities. However, admins should not wait too long to install the security updates. NetWorker 19.11 remains vulnerable for now.
(des)
