SupportAssist BIOSConnect Vulnerability Audit

Find Computers Vulnerable to the BIOSConnect Vulnerability

Dell released another advisory for its SupportAssist software. This time the BIOSConnect component, which provides remote firmware update and OS recovery features on Dell computers, has multiple vulnerabilities. They consist of one TLS connection issue between the BIOS and Dell (tracked as CVE-2021-21571) followed by three overflow vulnerabilities (CVE-2021-21572, CVE-2021-21573, and CVE-2021-21574). The issue affects 129 Dell models of consumer and business laptops, desktops, and tablets, including devices protected by Secure Boot and Dell Secured-core PCs.

The report below provides an overview of all 129 affected Dell models, along with each device's current BIOS version and the version it should have. Please note that Dell suggests updating the BIOS manually rather than through the BIOSConnect feature.

If you would like to read more about the vulnerabilities, you can read the SupportAssist BIOSConnect vulnerability blog post.

SupportAssist BIOSConnect Vulnerability Query

Select Top 1000000 tblAssets.AssetID,
tblAssets.AssetName,
tblAssets.Domain,
tblAssets.Username,
tblAssets.Userdomain,
Coalesce(tsysOS.Image, tsysAssetTypes.AssetTypeIcon10) As icon,
tblAssets.IPAddress,
tsysIPLocations.IPLocation,
tblAssetCustom.Manufacturer,
tblAssetCustom.Model,
tsysOS.OSname As OS,
tblBIOS.SMBIOSBIOSVersion As BIOSVersion,
Concat(Subquery1.BiosFixedVersion, ' or ', Subquery2.BiosFixedVersion2) As
BIOSFixedVersion,
tblBIOS.ReleaseDate As BIOSReleaseDate,
Case
When tblBIOS.SMBIOSBIOSVersion = Subquery1.BiosFixedVersion Then 'Safe'
When tblBIOS.SMBIOSBIOSVersion = Subquery2.BiosFixedVersion2 Then 'Safe'
When tblBIOS.ReleaseDate >= '2021-06-09' Then 'Safe'
Else 'Potentially vulnerable'
End As Vulnerable,
Case
When tblErrors.ErrorText Is Not Null And
tblErrors.ErrorText != '' Then
'Scanning Error: ' + tsysasseterrortypes.ErrorMsg
Else ''
End As ScanningErrors,
tblAssets.Lastseen,
tblAssets.Lasttried,
Case
When tblBIOS.SMBIOSBIOSVersion = Subquery1.BiosFixedVersion Then '#d4f4be'
When tblBIOS.SMBIOSBIOSVersion = Subquery2.BiosFixedVersion2 Then '#d4f4be'
When tblBIOS.ReleaseDate >= '2021-06-09' Then '#d4f4be'
Else '#ffadad'
End As backgroundcolor
From tblAssets
Inner Join tblBIOS On tblAssets.AssetID = tblBIOS.AssetID
Inner Join tblAssetCustom On tblAssets.AssetID = tblAssetCustom.AssetID
Inner Join tsysAssetTypes On tsysAssetTypes.AssetType = tblAssets.Assettype
Inner Join tsysIPLocations On tsysIPLocations.LocationID =
tblAssets.LocationID
Inner Join tblState On tblState.State = tblAssetCustom.State
Left Join tsysOS On tsysOS.OScode = tblAssets.OScode
Left Join (Select Distinct Top 1000000 tblErrors.AssetID As ID,
Max(tblErrors.Teller) As ErrorID
From tblErrors
Group By tblErrors.AssetID) As ScanningError On tblAssets.AssetID =
ScanningError.ID
Left Join tblErrors On ScanningError.ErrorID = tblErrors.Teller
Left Join tsysasseterrortypes On tsysasseterrortypes.Errortype =
tblErrors.ErrorType
Left Join (Select tblAssetCustom.AssetID,
Case
When tblAssetCustom.Model Like '%m15%R6%' Then '1.3.3'
When tblAssetCustom.Model Like '%ChengMing%3990%' Then '1.4.1'
When tblAssetCustom.Model Like '%ChengMing%3991%' Then '1.4.1'
When tblAssetCustom.Model Like '%G15%5510%' Then '1.4.0'
When tblAssetCustom.Model Like '%G15%5511%' Then '1.3.3'
When tblAssetCustom.Model Like '%G3%3500%' Then '1.9.0'
When tblAssetCustom.Model Like '%G5%5500%' Then '1.9.0'
When tblAssetCustom.Model Like '%G7%7500%' Then '1.9.0'
When tblAssetCustom.Model Like '%G7%7700%' Then '1.9.0'
When tblAssetCustom.Model Like '%Inspiron%14%5418%' Then '2.1.0 A06'
When tblAssetCustom.Model Like '%Inspiron%15%5518%' Then '2.1.0 A06'
When tblAssetCustom.Model Like '%Inspiron%15%7510%' Then '1.0.4'
When tblAssetCustom.Model Like '%Inspiron%3501%' Then '1.6.0'
When tblAssetCustom.Model Like '%Inspiron%3880%' Then '1.4.1'
When tblAssetCustom.Model Like '%Inspiron%3881%' Then '1.4.1'
When tblAssetCustom.Model Like '%Inspiron%3891%' Then '1.0.11'
When tblAssetCustom.Model Like '%Inspiron%5300%' Then '1.7.1'
When tblAssetCustom.Model Like '%Inspiron%5301%' Then '1.8.1'
When tblAssetCustom.Model Like '%Inspiron%5310%' Then '2.1.0'
When tblAssetCustom.Model Like '%Inspiron%5400%' Then '1.7.0'
When tblAssetCustom.Model Like '%Inspiron%5401%' Then '1.7.2'
When tblAssetCustom.Model Like '%Inspiron%5402%' Then '1.5.1'
When tblAssetCustom.Model Like '%Inspiron%5406%' Then '1.5.1'
When tblAssetCustom.Model Like '%Inspiron%5408%' Then '1.7.2'
When tblAssetCustom.Model Like '%Inspiron%5409%' Then '1.5.1'
When tblAssetCustom.Model Like '%Inspiron%5410%' Then '2.1.0'
When tblAssetCustom.Model Like '%Inspiron%5501%' Then '1.7.2'
When tblAssetCustom.Model Like '%Inspiron%5502%' Then '1.5.1'
When tblAssetCustom.Model Like '%Inspiron%5508%' Then '1.7.2'
When tblAssetCustom.Model Like '%Inspiron%5509%' Then '1.5.1'
When tblAssetCustom.Model Like '%Inspiron%7300%' Then '1.8.1'
When tblAssetCustom.Model Like '%Inspiron%7300%' Then '1.3.0'
When tblAssetCustom.Model Like '%Inspiron%7306%' Then '1.5.1'
When tblAssetCustom.Model Like '%Inspiron%7400%' Then '1.8.1'
When tblAssetCustom.Model Like '%Inspiron%7500%' Then '1.8.0'
When tblAssetCustom.Model Like '%Inspiron%7500%' Then '1.3.0'
When tblAssetCustom.Model Like '%Inspiron%7501%' Then '1.8.0'
When tblAssetCustom.Model Like '%Inspiron%7506%' Then '1.5.1'
When tblAssetCustom.Model Like '%Inspiron%7610%' Then '1.0.4'
When tblAssetCustom.Model Like '%Inspiron%7706%' Then '1.5.1'
When tblAssetCustom.Model Like '%Latitude%3120%' Then '1.1.0'
When tblAssetCustom.Model Like '%Latitude%3320%' Then '1.4.0'
When tblAssetCustom.Model Like '%Latitude%3410%' Then '1.9.0'
When tblAssetCustom.Model Like '%Latitude%3420%' Then '1.8.0'
When tblAssetCustom.Model Like '%Latitude%3510%' Then '1.9.0'
When tblAssetCustom.Model Like '%Latitude%3520%' Then '1.8.0'
When tblAssetCustom.Model Like '%Latitude%5310%' Then '1.7.0'
When tblAssetCustom.Model Like '%Latitude%5310%' Then '1.7.0'
When tblAssetCustom.Model Like '%Latitude%5320%' Then '1.7.1'
When tblAssetCustom.Model Like '%Latitude%5320%' Then '1.7.1'
When tblAssetCustom.Model Like '%Latitude%5410%' Then '1.6.0'
When tblAssetCustom.Model Like '%Latitude%5411%' Then '1.6.0'
When tblAssetCustom.Model Like '%Latitude%5420%' Then '1.8.0'
When tblAssetCustom.Model Like '%Latitude%5510%' Then '1.6.0'
When tblAssetCustom.Model Like '%Latitude%5511%' Then '1.6.0'
When tblAssetCustom.Model Like '%Latitude%5520%' Then '1.7.1'
When tblAssetCustom.Model Like '%Latitude%5521%' Then '1.3.0 A03'
When tblAssetCustom.Model Like '%Latitude%7210%' Then '1.7.0'
When tblAssetCustom.Model Like '%Latitude%7310%' Then '1.7.0'
When tblAssetCustom.Model Like '%Latitude%7320%' Then '1.7.1'
When tblAssetCustom.Model Like '%Latitude%7410%' Then '1.7.0'
When tblAssetCustom.Model Like '%Latitude%7420%' Then '1.7.1'
When tblAssetCustom.Model Like '%Latitude%7520%' Then '1.7.1'
When tblAssetCustom.Model Like '%Latitude%9410%' Then '1.7.0'
When tblAssetCustom.Model Like '%Latitude%9420%' Then '1.4.1'
When tblAssetCustom.Model Like '%Latitude%9510%' Then '1.6.0'
When tblAssetCustom.Model Like '%Latitude%9520%' Then '1.5.2'
When tblAssetCustom.Model Like '%Latitude%5421%' Then '1.3.0 A03'
When tblAssetCustom.Model Like '%OptiPlex%3080%' Then '2.1.1'
When tblAssetCustom.Model Like '%OptiPlex%3090%' Then '1.2.0'
When tblAssetCustom.Model Like '%OptiPlex%3280%' Then '1.7.0'
When tblAssetCustom.Model Like '%OptiPlex%5080%' Then '1.4.0'
When tblAssetCustom.Model Like '%OptiPlex%5090%' Then '1.1.35'
When tblAssetCustom.Model Like '%OptiPlex%5490%' Then '1.3.0'
When tblAssetCustom.Model Like '%OptiPlex%7080%' Then '1.4.0'
When tblAssetCustom.Model Like '%OptiPlex%7090%' Then '1.1.35'
When tblAssetCustom.Model Like '%OptiPlex%7480%' Then '1.7.0'
When tblAssetCustom.Model Like '%OptiPlex%7490%' Then '1.3.0'
When tblAssetCustom.Model Like '%OptiPlex%7780%' Then '1.7.0'
When tblAssetCustom.Model Like '%Precision%17%M5750%' Then '1.8.2'
When tblAssetCustom.Model Like '%Precision%3440%' Then '1.4.0'
When tblAssetCustom.Model Like '%Precision%3450%' Then '1.1.35'
When tblAssetCustom.Model Like '%Precision%3550%' Then '1.6.0'
When tblAssetCustom.Model Like '%Precision%3551%' Then '1.6.0'
When tblAssetCustom.Model Like '%Precision%3560%' Then '1.7.1'
When tblAssetCustom.Model Like '%Precision%3561%' Then '1.3.0 A03'
When tblAssetCustom.Model Like '%Precision%3640%' Then '1.6.2'
When tblAssetCustom.Model Like '%Precision%3650%MT%' Then '1.2.0'
When tblAssetCustom.Model Like '%Precision%5550%' Then '1.8.1'
When tblAssetCustom.Model Like '%Precision%5560%' Then '1.3.2'
When tblAssetCustom.Model Like '%Precision%5760%' Then '1.1.3'
When tblAssetCustom.Model Like '%Precision%7550%' Then '1.8.0'
When tblAssetCustom.Model Like '%Precision%7560%' Then '1.1.2'
When tblAssetCustom.Model Like '%Precision%7750%' Then '1.8.0'
When tblAssetCustom.Model Like '%Precision%7760%' Then '1.1.2'
When tblAssetCustom.Model Like '%Vostro%14%5410%' Then '2.1.0 A06'
When tblAssetCustom.Model Like '%Vostro%15%5510%' Then '2.1.0 A06'
When tblAssetCustom.Model Like '%Vostro%15%7510%' Then '1.0.4'
When tblAssetCustom.Model Like '%Vostro%3400%' Then '1.6.0'
When tblAssetCustom.Model Like '%Vostro%3500%' Then '1.6.0'
When tblAssetCustom.Model Like '%Vostro%3501%' Then '1.6.0'
When tblAssetCustom.Model Like '%Vostro%3681%' Then '2.4.0'
When tblAssetCustom.Model Like '%Vostro%3690%' Then '1.0.11'
When tblAssetCustom.Model Like '%Vostro%3881%' Then '2.4.0'
When tblAssetCustom.Model Like '%Vostro%3888%' Then '2.4.0'
When tblAssetCustom.Model Like '%Vostro%3890%' Then '1.0.11'
When tblAssetCustom.Model Like '%Vostro%5300%' Then '1.7.1'
When tblAssetCustom.Model Like '%Vostro%5301%' Then '1.8.1'
When tblAssetCustom.Model Like '%Vostro%5310%' Then '2.1.0'
When tblAssetCustom.Model Like '%Vostro%5401%' Then '1.7.2'
When tblAssetCustom.Model Like '%Vostro%5402%' Then '1.5.1'
When tblAssetCustom.Model Like '%Vostro%5501%' Then '1.7.2'
When tblAssetCustom.Model Like '%Vostro%5502%' Then '1.5.1'
When tblAssetCustom.Model Like '%Vostro%5880%' Then '1.4.0'
When tblAssetCustom.Model Like '%Vostro%5890%' Then '1.0.11'
When tblAssetCustom.Model Like '%Vostro%7500%' Then '1.8.0'
When tblAssetCustom.Model Like '%XPS %13%9305%' Then '1.0.8'
When tblAssetCustom.Model Like '%XPS%13%2in1%9310%' Then '2.3.3'
When tblAssetCustom.Model Like '%XPS%13%9310%' Then '3.0.0'
When tblAssetCustom.Model Like '%XPS%15%9500%' Then '1.8.1'
When tblAssetCustom.Model Like '%XPS%15%9510%' Then '1.3.2'
When tblAssetCustom.Model Like '%XPS%17%9700%' Then '1.8.2'
When tblAssetCustom.Model Like '%XPS%17%9710%' Then '1.1.3'
End As BiosFixedVersion
From tblAssetCustom) As Subquery1 On Subquery1.AssetID = tblAssets.AssetID
Left Join (Select tblAssetCustom.AssetID,
Case
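When tblAssetCustom.Model Like '%Inspiron%5400%' Then '1.4.0'
When tblAssetCustom.Model Like '%Inspiron%5401%' Then '1.4.0'
When tblAssetCustom.Model Like '%Inspiron%7300%' Then '1.3.0'
When tblAssetCustom.Model Like '%Inspiron%7500%' Then '1.3.0'
When tblAssetCustom.Model Like '%Inspiron%7700%' Then '1.4.0'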
When tblAssetCustom.Model Like '%Latitude%7320%' Then '1.4.0 A04'
When tblAssetCustom.Model Like '%OptiPlex%7090%' Then '1.2.0'
Else 'N/A'
End As BiosFixedVersion2
From tblAssetCustom) As Subquery2 On Subquery2.AssetID = tblAssets.AssetID
Where tblAssetCustom.Manufacturer Like '%Dell%' And
(tblAssetCustom.Model Like '%m15%R6%' Or tblAssetCustom.Model Like
'%ChengMing%3990%' Or tblAssetCustom.Model Like '%ChengMing%3991%'
Or tblAssetCustom.Model Like '%G15%5510%' Or tblAssetCustom.Model Like
'%G15%5511%' Or tblAssetCustom.Model Like '%G3%3500%' Or
tblAssetCustom.Model Like '%G5%5500%' Or tblAssetCustom.Model Like
'%G7%7500%' Or tblAssetCustom.Model Like '%G7%7700%' Or
tblAssetCustom.Model Like '%Inspiron%14%5418%' Or
tblAssetCustom.Model Like '%Inspiron%15%5518%' Or
tblAssetCustom.Model Like '%Inspiron%15%7510%' Or
tblAssetCustom.Model Like '%Inspiron%3501%' Or
tblAssetCustom.Model Like '%Inspiron%3880%' Or
tblAssetCustom.Model Like '%Inspiron%3881%' Or
tblAssetCustom.Model Like '%Inspiron%3891%' Or
tblAssetCustom.Model Like '%Inspiron%5300%' Or
tblAssetCustom.Model Like '%Inspiron%5301%' Or
tblAssetCustom.Model Like '%Inspiron%5310%' Or
tblAssetCustom.Model Like '%Inspiron%5400%' Or
tblAssetCustom.Model Like '%Inspiron%5400%' Or
tblAssetCustom.Model Like '%Inspiron%5401%' Or
tblAssetCustom.Model Like '%Inspiron%5401%' Or
tblAssetCustom.Model Like '%Inspiron%5402%' Or
tblAssetCustom.Model Like '%Inspiron%5406%' Or
tblAssetCustom.Model Like '%Inspiron%5408%' Or
tblAssetCustom.Model Like '%Inspiron%5409%' Or
tblAssetCustom.Model Like '%Inspiron%5410%' Or
tblAssetCustom.Model Like '%Inspiron%5501%' Or
tblAssetCustom.Model Like '%Inspiron%5502%' Or
tblAssetCustom.Model Like '%Inspiron%5508%' Or
tblAssetCustom.Model Like '%Inspiron%5509%' Or
tblAssetCustom.Model Like '%Inspiron%7300%' Or
tblAssetCustom.Model Like '%Inspiron%7300%' Or
tblAssetCustom.Model Like '%Inspiron%7306%' Or
tblAssetCustom.Model Like '%Inspiron%7400%' Or
tblAssetCustom.Model Like '%Inspiron%7500%' Or
tblAssetCustom.Model Like '%Inspiron%7500%' Or
tblAssetCustom.Model Like '%Inspiron%7501%' Or
tblAssetCustom.Model Like '%Inspiron%7506%' Or
tblAssetCustom.Model Like '%Inspiron%7610%' Or
tblAssetCustom.Model Like '%Inspiron%7700%' Or
tblAssetCustom.Model Like '%Inspiron%7706%' Or
tblAssetCustom.Model Like '%Latitude%3120%' Or
tblAssetCustom.Model Like '%Latitude%3320%' Or
tblAssetCustom.Model Like '%Latitude%3410%' Or
tblAssetCustom.Model Like '%Latitude%3420%' Or
tblAssetCustom.Model Like '%Latitude%3510%' Or
tblAssetCustom.Model Like '%Latitude%3520%' Or
tblAssetCustom.Model Like '%Latitude%5310%' Or
tblAssetCustom.Model Like '%Latitude%5310%' Or
tblAssetCustom.Model Like '%Latitude%5320%' Or
tblAssetCustom.Model Like '%Latitude%5320%' Or
tblAssetCustom.Model Like '%Latitude%5410%' Or
tblAssetCustom.Model Like '%Latitude%5411%' Or
tblAssetCustom.Model Like '%Latitude%5420%' Or
tblAssetCustom.Model Like '%Latitude%5510%' Or
tblAssetCustom.Model Like '%Latitude%5511%' Or
tblAssetCustom.Model Like '%Latitude%5520%' Or
tblAssetCustom.Model Like '%Latitude%5521%' Or
tblAssetCustom.Model Like '%Latitude%7210%' Or
tblAssetCustom.Model Like '%Latitude%7310%' Or
tblAssetCustom.Model Like '%Latitude%7320%' Or
tblAssetCustom.Model Like '%Latitude%7320%' Or
tblAssetCustom.Model Like '%Latitude%7410%' Or
tblAssetCustom.Model Like '%Latitude%7420%' Or
tblAssetCustom.Model Like '%Latitude%7520%' Or
tblAssetCustom.Model Like '%Latitude%9410%' Or
tblAssetCustom.Model Like '%Latitude%9420%' Or
tblAssetCustom.Model Like '%Latitude%9510%' Or
tblAssetCustom.Model Like '%Latitude%9520%' Or
tblAssetCustom.Model Like '%Latitude%5421%' Or
tblAssetCustom.Model Like '%OptiPlex%3080%' Or
tblAssetCustom.Model Like '%OptiPlex%3090%' Or
tblAssetCustom.Model Like '%OptiPlex%3280%' Or
tblAssetCustom.Model Like '%OptiPlex%5080%' Or
tblAssetCustom.Model Like '%OptiPlex%5090%' Or
tblAssetCustom.Model Like '%OptiPlex%5490%' Or
tblAssetCustom.Model Like '%OptiPlex%7080%' Or
tblAssetCustom.Model Like '%OptiPlex%7090%' Or
tblAssetCustom.Model Like '%OptiPlex%7090%' Or
tblAssetCustom.Model Like '%OptiPlex%7480%' Or
tblAssetCustom.Model Like '%OptiPlex%7490%' Or
tblAssetCustom.Model Like '%OptiPlex%7780%' Or
tblAssetCustom.Model Like '%Precision%17%M5750%' Or
tblAssetCustom.Model Like '%Precision%3440%' Or
tblAssetCustom.Model Like '%Precision%3450%' Or
tblAssetCustom.Model Like '%Precision%3550%' Or
tblAssetCustom.Model Like '%Precision%3551%' Or
tblAssetCustom.Model Like '%Precision%3560%' Or
tblAssetCustom.Model Like '%Precision%3561%' Or
tblAssetCustom.Model Like '%Precision%3640%' Or
tblAssetCustom.Model Like '%Precision%3650%MT%' Or
tblAssetCustom.Model Like '%Precision%5550%' Or
tblAssetCustom.Model Like '%Precision%5560%' Or
tblAssetCustom.Model Like '%Precision%5760%' Or
tblAssetCustom.Model Like '%Precision%7550%' Or
tblAssetCustom.Model Like '%Precision%7560%' Or
tblAssetCustom.Model Like '%Precision%7750%' Or
tblAssetCustom.Model Like '%Precision%7760%' Or
tblAssetCustom.Model Like '%Vostro%14%5410%' Or
tblAssetCustom.Model Like '%Vostro%15%5510%' Or
tblAssetCustom.Model Like '%Vostro%15%7510%' Or
tblAssetCustom.Model Like '%Vostro%3400%' Or tblAssetCustom.Model Like
'%Vostro%3500%' Or tblAssetCustom.Model Like '%Vostro%3501%' Or
tblAssetCustom.Model Like '%Vostro%3681%' Or tblAssetCustom.Model Like
'%Vostro%3690%' Or tblAssetCustom.Model Like '%Vostro%3881%' Or
tblAssetCustom.Model Like '%Vostro%3888%' Or tblAssetCustom.Model Like
'%Vostro%3890%' Or tblAssetCustom.Model Like '%Vostro%5300%' Or
tblAssetCustom.Model Like '%Vostro%5301%' Or tblAssetCustom.Model Like
'%Vostro%5310%' Or tblAssetCustom.Model Like '%Vostro%5401%' Or
tblAssetCustom.Model Like '%Vostro%5402%' Or tblAssetCustom.Model Like
'%Vostro%5501%' Or tblAssetCustom.Model Like '%Vostro%5502%' Or
tblAssetCustom.Model Like '%Vostro%5880%' Or tblAssetCustom.Model Like
'%Vostro%5890%' Or tblAssetCustom.Model Like '%Vostro%7500%' Or
tblAssetCustom.Model Like '%XPS %13%9305%' Or tblAssetCustom.Model
Like '%XPS%13%2in1%9310%' Or tblAssetCustom.Model Like '%XPS%13%9310%' Or
tblAssetCustom.Model Like '%XPS%15%9500%' Or tblAssetCustom.Model Like
'%XPS%15%9510%' Or tblAssetCustom.Model Like '%XPS%17%9700%' Or
tblAssetCustom.Model Like '%XPS%17%9710%') And tblState.Statename = 'Active'
Order By tblAssets.Domain,
tblAssets.AssetName
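
The query marks a device Safe only on an exact string match with a fixed version or on a BIOS release date of 2021-06-09 or later. The Python below is an added example, not part of the Lansweeper report, that re-checks rows exported from it with a numeric version comparison. It assumes that suffixes such as ' A06' can be ignored and that a version at or above every listed fix is safe; the sample rows and their dates are constructed.

```python
import re
from datetime import date

CUTOFF = date(2021, 6, 9)  # release-date cutoff used by the report's query

def parse_version(text):
    """'2.1.0 A06' -> (2, 1, 0, 0); 'N/A' or empty -> None (suffix ignored: assumption)."""
    m = re.match(r"\s*(\d+(?:\.\d+)*)", text or "")
    if not m:
        return None
    parts = [int(p) for p in m.group(1).split(".")][:4]
    return tuple(parts + [0] * (4 - len(parts)))

def classify(bios_version, fixed_versions, release_date=None):
    """Return (verdict, reason) for one row; fixed_versions is the BIOSFixedVersion column."""
    installed = parse_version(bios_version)
    fixes = [v for v in map(parse_version, fixed_versions.split(" or ")) if v is not None]
    if installed is not None and installed in fixes:
        return "Safe", "matches a fixed version"
    if release_date is not None and release_date >= CUTOFF:
        return "Safe", "released on or after cutoff"
    # Added rule (assumption, not in the report): at or above every listed fix is safe.
    if installed is not None and fixes and installed >= max(fixes):
        return "Safe", "newer than listed fix"
    return "Potentially vulnerable", "below fix or version unknown"

# Constructed rows: (AssetName, BIOSVersion, BIOSFixedVersion, BIOSReleaseDate)
ROWS = [
    ("PC-01", "1.6.0", "1.6.0 or N/A", date(2021, 5, 20)),
    ("PC-02", "1.5.1", "1.6.0 or N/A", date(2021, 2, 1)),
    ("PC-03", "1.10.0", "1.6.0 or N/A", None),              # release date missing
    ("PC-04", "2.1.0", "2.1.0 A06 or N/A", date(2021, 5, 1)),
    ("PC-05", "1.5.0", "1.7.0 or 1.4.0", date(2021, 1, 15)),  # between the two fixes
]

def triage(rows):
    """Map each asset name to its (verdict, reason)."""
    return {name: classify(ver, fixed, rel) for name, ver, fixed, rel in rows}

if __name__ == "__main__":
    for name, (verdict, reason) in triage(ROWS).items():
        print(f"{name}: {verdict} ({reason})")
```

PC-03 and PC-04 are the rows where this check and the query's string comparison disagree: the query would report both as potentially vulnerable.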
