SupportAssist BIOSConnect Vulnerability Audit

Reports

SupportAssist BIOSConnect Vulnerability Audit

Find Computers Vulnerable to the BIOSConnect Vulnerability

Dell released another advisory on their SupportAssist software. This time the BIOSConnect component, which provides remote firmware update and OS recovery features to Dell computers has multiple vulnerabilities in it. The vulnerability consists of one TLS connection issue from BIOS to DELL (tracked as CVE-2021-21571) followed by three overflow vulnerabilities (CVE-2021-21572, CVE-2021-21573, and CVE-2021-21574). It affects 129 Dell models of consumer and business laptops, desktops, and tablets, including devices protected by Secure Boot and Dell Secured-core PCs.

The report below provides an overview of all 129 Dell models that are affected along with their BIOS version and which version it should have. Please note that Dell suggests updating the BIOS without making use of the BIOSConnect feature and performing a manual update instead.

SupportAssist BIOSConnect Vulnerability Query

Select Top 1000000 tblAssets.AssetID,
tblAssets.AssetName,
tblAssets.Domain,
tblAssets.Username,
tblAssets.Userdomain,
Coalesce(tsysOS.Image, tsysAssetTypes.AssetTypeIcon10) As icon,
tblAssets.IPAddress,
tsysIPLocations.IPLocation,
tblAssetCustom.Manufacturer,
tblAssetCustom.Model,
tsysOS.OSname As OS,
tblBIOS.SMBIOSBIOSVersion As BIOSVersion,
Concat(Subquery1.BiosFixedVersion, ' or ', Subquery2.BiosFixedVersion2) As
BIOSFixedVersion,
tblBIOS.ReleaseDate As BIOSReleaseDate,
Case
When tblBIOS.SMBIOSBIOSVersion = Subquery1.BiosFixedVersion Then 'Safe'
When tblBIOS.SMBIOSBIOSVersion = Subquery2.BiosFixedVersion2 Then 'Safe'
When tblBIOS.ReleaseDate >= '2021-06-09' Then 'Safe'
Else 'Potentially vulnerable'
End As Vulnerable,
Case
When tblErrors.ErrorText Is Not Null Or
tblErrors.ErrorText != '' Then
'Scanning Error: ' + tsysasseterrortypes.ErrorMsg
Else ''
End As ScanningErrors,
tblAssets.Lastseen,
tblAssets.Lasttried,
Case
When tblBIOS.SMBIOSBIOSVersion = Subquery1.BiosFixedVersion Then '#d4f4be'
When tblBIOS.SMBIOSBIOSVersion = Subquery2.BiosFixedVersion2 Then '#d4f4be'
When tblBIOS.ReleaseDate >= '2021-06-09' Then '#d4f4be'
Else '#ffadad'
End As backgroundcolor
From tblAssets
Inner Join tblBIOS On tblAssets.AssetID = tblBIOS.AssetID
Inner Join tblAssetCustom On tblAssets.AssetID = tblAssetCustom.AssetID
Inner Join tsysAssetTypes On tsysAssetTypes.AssetType = tblAssets.Assettype
Inner Join tsysIPLocations On tsysIPLocations.LocationID =
tblAssets.LocationID
Inner Join tblState On tblState.State = tblAssetCustom.State
Left Join tsysOS On tsysOS.OScode = tblAssets.OScode
Left Join (Select Distinct Top 1000000 tblErrors.AssetID As ID,
Max(tblErrors.Teller) As ErrorID
From tblErrors
Group By tblErrors.AssetID) As ScanningError On tblAssets.AssetID =
ScanningError.ID
Left Join tblErrors On ScanningError.ErrorID = tblErrors.Teller
Left Join tsysasseterrortypes On tsysasseterrortypes.Errortype =
tblErrors.ErrorType
Left Join (Select tblAssetCustom.AssetID,
Case
When tblAssetCustom.Model Like '%m15%R6%' Then '1.3.3'
When tblAssetCustom.Model Like '%ChengMing%3990%' Then '1.4.1'
When tblAssetCustom.Model Like '%ChengMing%3991%' Then '1.4.1'
When tblAssetCustom.Model Like '%G15%5510%' Then '1.4.0'
When tblAssetCustom.Model Like '%G15%5511%' Then '1.3.3'
When tblAssetCustom.Model Like '%G3%3500%' Then '1.9.0'
When tblAssetCustom.Model Like '%G5%5500%' Then '1.9.0'
When tblAssetCustom.Model Like '%G7%7500%' Then '1.9.0'
When tblAssetCustom.Model Like '%G7%7700%' Then '1.9.0'
When tblAssetCustom.Model Like '%Inspiron%14%5418%' Then '2.1.0 A06'
When tblAssetCustom.Model Like '%Inspiron%15%5518%' Then '2.1.0 A06'
When tblAssetCustom.Model Like '%Inspiron%15%7510%' Then '1.0.4'
When tblAssetCustom.Model Like '%Inspiron%3501%' Then '1.6.0'
When tblAssetCustom.Model Like '%Inspiron%3880%' Then '1.4.1'
When tblAssetCustom.Model Like '%Inspiron%3881%' Then '1.4.1'
When tblAssetCustom.Model Like '%Inspiron%3891%' Then '1.0.11'
When tblAssetCustom.Model Like '%Inspiron%5300%' Then '1.7.1'
When tblAssetCustom.Model Like '%Inspiron%5301%' Then '1.8.1'
When tblAssetCustom.Model Like '%Inspiron%5310%' Then '2.1.0'
When tblAssetCustom.Model Like '%Inspiron%5400%' Then '1.7.0'
When tblAssetCustom.Model Like '%Inspiron%5401%' Then '1.7.2'
When tblAssetCustom.Model Like '%Inspiron%5402%' Then '1.5.1'
When tblAssetCustom.Model Like '%Inspiron%5406%' Then '1.5.1'
When tblAssetCustom.Model Like '%Inspiron%5408%' Then '1.7.2'
When tblAssetCustom.Model Like '%Inspiron%5409%' Then '1.5.1'
When tblAssetCustom.Model Like '%Inspiron%5410%' Then '2.1.0'
When tblAssetCustom.Model Like '%Inspiron%5501%' Then '1.7.2'
When tblAssetCustom.Model Like '%Inspiron%5502%' Then '1.5.1'
When tblAssetCustom.Model Like '%Inspiron%5508%' Then '1.7.2'
When tblAssetCustom.Model Like '%Inspiron%5509%' Then '1.5.1'
When tblAssetCustom.Model Like '%Inspiron%7300%' Then '1.8.1'
When tblAssetCustom.Model Like '%Inspiron%7300%' Then '1.3.0'
When tblAssetCustom.Model Like '%Inspiron%7306%' Then '1.5.1'
When tblAssetCustom.Model Like '%Inspiron%7400%' Then '1.8.1'
When tblAssetCustom.Model Like '%Inspiron%7500%' Then '1.8.0'
When tblAssetCustom.Model Like '%Inspiron%7500%' Then '1.3.0'
When tblAssetCustom.Model Like '%Inspiron%7501%' Then '1.8.0'
When tblAssetCustom.Model Like '%Inspiron%7506%' Then '1.5.1'
When tblAssetCustom.Model Like '%Inspiron%7610%' Then '1.0.4'
When tblAssetCustom.Model Like '%Inspiron%7706%' Then '1.5.1'
When tblAssetCustom.Model Like '%Latitude%3120%' Then '1.1.0'
When tblAssetCustom.Model Like '%Latitude%3320%' Then '1.4.0'
When tblAssetCustom.Model Like '%Latitude%3410%' Then '1.9.0'
When tblAssetCustom.Model Like '%Latitude%3420%' Then '1.8.0'
When tblAssetCustom.Model Like '%Latitude%3510%' Then '1.9.0'
When tblAssetCustom.Model Like '%Latitude%3520%' Then '1.8.0'
When tblAssetCustom.Model Like '%Latitude%5310%' Then '1.7.0'
When tblAssetCustom.Model Like '%Latitude%5310%' Then '1.7.0'
When tblAssetCustom.Model Like '%Latitude%5320%' Then '1.7.1'
When tblAssetCustom.Model Like '%Latitude%5320%' Then '1.7.1'
When tblAssetCustom.Model Like '%Latitude%5410%' Then '1.6.0'
When tblAssetCustom.Model Like '%Latitude%5411%' Then '1.6.0'
When tblAssetCustom.Model Like '%Latitude%5420%' Then '1.8.0'
When tblAssetCustom.Model Like '%Latitude%5510%' Then '1.6.0'
When tblAssetCustom.Model Like '%Latitude%5511%' Then '1.6.0'
When tblAssetCustom.Model Like '%Latitude%5520%' Then '1.7.1'
When tblAssetCustom.Model Like '%Latitude%5521%' Then '1.3.0 A03'
When tblAssetCustom.Model Like '%Latitude%7210%' Then '1.7.0'
When tblAssetCustom.Model Like '%Latitude%7310%' Then '1.7.0'
When tblAssetCustom.Model Like '%Latitude%7320%' Then '1.7.1'
When tblAssetCustom.Model Like '%Latitude%7410%' Then '1.7.0'
When tblAssetCustom.Model Like '%Latitude%7420%' Then '1.7.1'
When tblAssetCustom.Model Like '%Latitude%7520%' Then '1.7.1'
When tblAssetCustom.Model Like '%Latitude%9410%' Then '1.7.0'
When tblAssetCustom.Model Like '%Latitude%9420%' Then '1.4.1'
When tblAssetCustom.Model Like '%Latitude%9510%' Then '1.6.0'
When tblAssetCustom.Model Like '%Latitude%9520%' Then '1.5.2'
When tblAssetCustom.Model Like '%Latitude%5421%' Then '1.3.0 A03'
When tblAssetCustom.Model Like '%OptiPlex%3080%' Then '2.1.1'
When tblAssetCustom.Model Like '%OptiPlex%3090%' Then '1.2.0'
When tblAssetCustom.Model Like '%OptiPlex%3280%' Then '1.7.0'
When tblAssetCustom.Model Like '%OptiPlex%5080%' Then '1.4.0'
When tblAssetCustom.Model Like '%OptiPlex%5090%' Then '1.1.35'
When tblAssetCustom.Model Like '%OptiPlex%5490%' Then '1.3.0'
When tblAssetCustom.Model Like '%OptiPlex%7080%' Then '1.4.0'
When tblAssetCustom.Model Like '%OptiPlex%7090%' Then '1.1.35'
When tblAssetCustom.Model Like '%OptiPlex%7480%' Then '1.7.0'
When tblAssetCustom.Model Like '%OptiPlex%7490%' Then '1.3.0'
When tblAssetCustom.Model Like '%OptiPlex%7780%' Then '1.7.0'
When tblAssetCustom.Model Like '%Precision%17%M5750%' Then '1.8.2'
When tblAssetCustom.Model Like '%Precision%3440%' Then '1.4.0'
When tblAssetCustom.Model Like '%Precision%3450%' Then '1.1.35'
When tblAssetCustom.Model Like '%Precision%3550%' Then '1.6.0'
When tblAssetCustom.Model Like '%Precision%3551%' Then '1.6.0'
When tblAssetCustom.Model Like '%Precision%3560%' Then '1.7.1'
When tblAssetCustom.Model Like '%Precision%3561%' Then '1.3.0 A03'
When tblAssetCustom.Model Like '%Precision%3640%' Then '1.6.2'
When tblAssetCustom.Model Like '%Precision%3650%MT%' Then '1.2.0'
When tblAssetCustom.Model Like '%Precision%5550%' Then '1.8.1'
When tblAssetCustom.Model Like '%Precision%5560%' Then '1.3.2'
When tblAssetCustom.Model Like '%Precision%5760%' Then '1.1.3'
When tblAssetCustom.Model Like '%Precision%7550%' Then '1.8.0'
When tblAssetCustom.Model Like '%Precision%7560%' Then '1.1.2'
When tblAssetCustom.Model Like '%Precision%7750%' Then '1.8.0'
When tblAssetCustom.Model Like '%Precision%7760%' Then '1.1.2'
When tblAssetCustom.Model Like '%Vostro%14%5410%' Then '2.1.0 A06'
When tblAssetCustom.Model Like '%Vostro%15%5510%' Then '2.1.0 A06'
When tblAssetCustom.Model Like '%Vostro%15%7510%' Then '1.0.4'
When tblAssetCustom.Model Like '%Vostro%3400%' Then '1.6.0'
When tblAssetCustom.Model Like '%Vostro%3500%' Then '1.6.0'
When tblAssetCustom.Model Like '%Vostro%3501%' Then '1.6.0'
When tblAssetCustom.Model Like '%Vostro%3681%' Then '2.4.0'
When tblAssetCustom.Model Like '%Vostro%3690%' Then '1.0.11'
When tblAssetCustom.Model Like '%Vostro%3881%' Then '2.4.0'
When tblAssetCustom.Model Like '%Vostro%3888%' Then '2.4.0'
When tblAssetCustom.Model Like '%Vostro%3890%' Then '1.0.11'
When tblAssetCustom.Model Like '%Vostro%5300%' Then '1.7.1'
When tblAssetCustom.Model Like '%Vostro%5301%' Then '1.8.1'
When tblAssetCustom.Model Like '%Vostro%5310%' Then '2.1.0'
When tblAssetCustom.Model Like '%Vostro%5401%' Then '1.7.2'
When tblAssetCustom.Model Like '%Vostro%5402%' Then '1.5.1'
When tblAssetCustom.Model Like '%Vostro%5501%' Then '1.7.2'
When tblAssetCustom.Model Like '%Vostro%5502%' Then '1.5.1'
When tblAssetCustom.Model Like '%Vostro%5880%' Then '1.4.0'
When tblAssetCustom.Model Like '%Vostro%5890%' Then '1.0.11'
When tblAssetCustom.Model Like '%Vostro%7500%' Then '1.8.0'
When tblAssetCustom.Model Like '%XPS %13%9305%' Then '1.0.8'
When tblAssetCustom.Model Like '%XPS%13%2in1%9310%' Then '2.3.3'
When tblAssetCustom.Model Like '%XPS%13%9310%' Then '3.0.0'
When tblAssetCustom.Model Like '%XPS%15%9500%' Then '1.8.1'
When tblAssetCustom.Model Like '%XPS%15%9510%' Then '1.3.2'
When tblAssetCustom.Model Like '%XPS%17%9700%' Then '1.8.2'
When tblAssetCustom.Model Like '%XPS%17%9710%' Then '1.1.3'
End As BiosFixedVersion
From tblAssetCustom) As Subquery1 On Subquery1.AssetID = tblAssets.AssetID
Left Join (Select tblAssetCustom.AssetID,
Case
When tblAssetCustom.Model Like '%Inspiron%5400%' Then '1.4.0'
When tblAssetCustom.Model Like '%Inspiron%5401%' Then '1.4.0'
When tblAssetCustom.Model Like '%Inspiron%7700%' Then '1.4.0'
When tblAssetCustom.Model Like '%Latitude%7320%' Then '1.4.0 A04'
When tblAssetCustom.Model Like '%OptiPlex%7090%' Then '1.2.0'
Else 'N/A'
End As BiosFixedVersion2
From tblAssetCustom) As Subquery2 On Subquery2.AssetID = tblAssets.AssetID
Where tblAssetCustom.Manufacturer Like '%Dell%' And
(tblAssetCustom.Model Like '%m15%R6%' Or tblAssetCustom.Model Like
'%ChengMing%3990%' Or tblAssetCustom.Model Like '%ChengMing%3991%'
Or tblAssetCustom.Model Like '%G15%5510%' Or tblAssetCustom.Model Like
'%G15%5511%' Or tblAssetCustom.Model Like '%G3%3500%' Or
tblAssetCustom.Model Like '%G5%5500%' Or tblAssetCustom.Model Like
'%G7%7500%' Or tblAssetCustom.Model Like '%G7%7700%' Or
tblAssetCustom.Model Like '%Inspiron%14%5418%' Or
tblAssetCustom.Model Like '%Inspiron%15%5518%' Or
tblAssetCustom.Model Like '%Inspiron%15%7510%' Or
tblAssetCustom.Model Like '%Inspiron%3501%' Or
tblAssetCustom.Model Like '%Inspiron%3880%' Or
tblAssetCustom.Model Like '%Inspiron%3881%' Or
tblAssetCustom.Model Like '%Inspiron%3891%' Or
tblAssetCustom.Model Like '%Inspiron%5300%' Or
tblAssetCustom.Model Like '%Inspiron%5301%' Or
tblAssetCustom.Model Like '%Inspiron%5310%' Or
tblAssetCustom.Model Like '%Inspiron%5400%' Or
tblAssetCustom.Model Like '%Inspiron%5400%' Or
tblAssetCustom.Model Like '%Inspiron%5401%' Or
tblAssetCustom.Model Like '%Inspiron%5401%' Or
tblAssetCustom.Model Like '%Inspiron%5402%' Or
tblAssetCustom.Model Like '%Inspiron%5406%' Or
tblAssetCustom.Model Like '%Inspiron%5408%' Or
tblAssetCustom.Model Like '%Inspiron%5409%' Or
tblAssetCustom.Model Like '%Inspiron%5410%' Or
tblAssetCustom.Model Like '%Inspiron%5501%' Or
tblAssetCustom.Model Like '%Inspiron%5502%' Or
tblAssetCustom.Model Like '%Inspiron%5508%' Or
tblAssetCustom.Model Like '%Inspiron%5509%' Or
tblAssetCustom.Model Like '%Inspiron%7300%' Or
tblAssetCustom.Model Like '%Inspiron%7300%' Or
tblAssetCustom.Model Like '%Inspiron%7306%' Or
tblAssetCustom.Model Like '%Inspiron%7400%' Or
tblAssetCustom.Model Like '%Inspiron%7500%' Or
tblAssetCustom.Model Like '%Inspiron%7500%' Or
tblAssetCustom.Model Like '%Inspiron%7501%' Or
tblAssetCustom.Model Like '%Inspiron%7506%' Or
tblAssetCustom.Model Like '%Inspiron%7610%' Or
tblAssetCustom.Model Like '%Inspiron%7700%' Or
tblAssetCustom.Model Like '%Inspiron%7706%' Or
tblAssetCustom.Model Like '%Latitude%3120%' Or
tblAssetCustom.Model Like '%Latitude%3320%' Or
tblAssetCustom.Model Like '%Latitude%3410%' Or
tblAssetCustom.Model Like '%Latitude%3420%' Or
tblAssetCustom.Model Like '%Latitude%3510%' Or
tblAssetCustom.Model Like '%Latitude%3520%' Or
tblAssetCustom.Model Like '%Latitude%5310%' Or
tblAssetCustom.Model Like '%Latitude%5310%' Or
tblAssetCustom.Model Like '%Latitude%5320%' Or
tblAssetCustom.Model Like '%Latitude%5320%' Or
tblAssetCustom.Model Like '%Latitude%5410%' Or
tblAssetCustom.Model Like '%Latitude%5411%' Or
tblAssetCustom.Model Like '%Latitude%5420%' Or
tblAssetCustom.Model Like '%Latitude%5510%' Or
tblAssetCustom.Model Like '%Latitude%5511%' Or
tblAssetCustom.Model Like '%Latitude%5520%' Or
tblAssetCustom.Model Like '%Latitude%5521%' Or
tblAssetCustom.Model Like '%Latitude%7210%' Or
tblAssetCustom.Model Like '%Latitude%7310%' Or
tblAssetCustom.Model Like '%Latitude%7320%' Or
tblAssetCustom.Model Like '%Latitude%7320%' Or
tblAssetCustom.Model Like '%Latitude%7410%' Or
tblAssetCustom.Model Like '%Latitude%7420%' Or
tblAssetCustom.Model Like '%Latitude%7520%' Or
tblAssetCustom.Model Like '%Latitude%9410%' Or
tblAssetCustom.Model Like '%Latitude%9420%' Or
tblAssetCustom.Model Like '%Latitude%9510%' Or
tblAssetCustom.Model Like '%Latitude%9520%' Or
tblAssetCustom.Model Like '%Latitude%5421%' Or
tblAssetCustom.Model Like '%OptiPlex%3080%' Or
tblAssetCustom.Model Like '%OptiPlex%3090%' Or
tblAssetCustom.Model Like '%OptiPlex%3280%' Or
tblAssetCustom.Model Like '%OptiPlex%5080%' Or
tblAssetCustom.Model Like '%OptiPlex%5090%' Or
tblAssetCustom.Model Like '%OptiPlex%5490%' Or
tblAssetCustom.Model Like '%OptiPlex%7080%' Or
tblAssetCustom.Model Like '%OptiPlex%7090%' Or
tblAssetCustom.Model Like '%OptiPlex%7090%' Or
tblAssetCustom.Model Like '%OptiPlex%7480%' Or
tblAssetCustom.Model Like '%OptiPlex%7490%' Or
tblAssetCustom.Model Like '%OptiPlex%7780%' Or
tblAssetCustom.Model Like '%Precision%17%M5750%' Or
tblAssetCustom.Model Like '%Precision%3440%' Or
tblAssetCustom.Model Like '%Precision%3450%' Or
tblAssetCustom.Model Like '%Precision%3550%' Or
tblAssetCustom.Model Like '%Precision%3551%' Or
tblAssetCustom.Model Like '%Precision%3560%' Or
tblAssetCustom.Model Like '%Precision%3561%' Or
tblAssetCustom.Model Like '%Precision%3640%' Or
tblAssetCustom.Model Like '%Precision%3650%MT%' Or
tblAssetCustom.Model Like '%Precision%5550%' Or
tblAssetCustom.Model Like '%Precision%5560%' Or
tblAssetCustom.Model Like '%Precision%5760%' Or
tblAssetCustom.Model Like '%Precision%7550%' Or
tblAssetCustom.Model Like '%Precision%7560%' Or
tblAssetCustom.Model Like '%Precision%7750%' Or
tblAssetCustom.Model Like '%Precision%7760%' Or
tblAssetCustom.Model Like '%Vostro%14%5410%' Or
tblAssetCustom.Model Like '%Vostro%15%5510%' Or
tblAssetCustom.Model Like '%Vostro%15%7510%' Or
tblAssetCustom.Model Like '%Vostro%3400%' Or tblAssetCustom.Model Like
'%Vostro%3500%' Or tblAssetCustom.Model Like '%Vostro%3501%' Or
tblAssetCustom.Model Like '%Vostro%3681%' Or tblAssetCustom.Model Like
'%Vostro%3690%' Or tblAssetCustom.Model Like '%Vostro%3881%' Or
tblAssetCustom.Model Like '%Vostro%3888%' Or tblAssetCustom.Model Like
'%Vostro%3890%' Or tblAssetCustom.Model Like '%Vostro%5300%' Or
tblAssetCustom.Model Like '%Vostro%5301%' Or tblAssetCustom.Model Like
'%Vostro%5310%' Or tblAssetCustom.Model Like '%Vostro%5401%' Or
tblAssetCustom.Model Like '%Vostro%5402%' Or tblAssetCustom.Model Like
'%Vostro%5501%' Or tblAssetCustom.Model Like '%Vostro%5502%' Or
tblAssetCustom.Model Like '%Vostro%5880%' Or tblAssetCustom.Model Like
'%Vostro%5890%' Or tblAssetCustom.Model Like '%Vostro%7500%' Or
tblAssetCustom.Model Like '%XPS %13%9305%' Or tblAssetCustom.Model
Like '%XPS%13%2in1 %9310%' Or tblAssetCustom.Model Like '%XPS%13%9310%' Or
tblAssetCustom.Model Like '%XPS%15%9500%' Or tblAssetCustom.Model Like
'%XPS%15%9510%' Or tblAssetCustom.Model Like '%XPS%17%9700%' Or
tblAssetCustom.Model Like '%XPS%17%9710%') And tblState.Statename = 'Active'
Order By tblAssets.Domain,
tblAssets.AssetName

Show

Hide

NO CREDIT CARD REQUIRED

Ready to get started?

Explore all our features, free for 14 days.

Start free trial Talk to sales

Audit and Take Action in 3 Easy Steps

1. Start Your Free Trial

Experience all Lansweeper features: start your free 14-day trial.
2. Discover All Assets

Discover all IT, OT, and IoT devices from all environments and get a complete asset inventory.
3. Run the Audit & Take Action

Run the audit report and see which devices require your attention.

Ready to get started?

Explore the full platform, free for 14 days.
No credit card required.

Start free Book a demo

Need help evaluating?

Get guidance on pricing at scale and enterprise requirements.

Talk to sales

Clear pricing as you grow

Transparent plans that scale with your environment.

View plans & pricing