• A China-linked attacker has exploited the vendor flaw since mid-2024, using it to move laterally, maintain persistent access, and deploy malware.
Article Summaries:
- Dell’s hard-coded software flaw, first identified earlier this year, has been actively exploited by a China-linked threat actor since mid-2024. The vulnerability allows attackers to move laterally across affected networks, establish long-term persistence, and deploy additional malware. Security teams have reported that the flaw is being used as a foothold for broader intrusion campaigns, raising concerns about the potential for widespread data exfiltration and system compromise. Dell has issued patches, but the ongoing exploitation underscores the need for rapid remediation and continuous monitoring of affected environments.
Sources: