Vulnerability Note VU#925497
Dell System Detect installs root certificate and private key (DSDTestProvider)
Dell System Detect installs the DSDTestProvider certificate into theTrusted Root Certificate Store on Microsoft Windows systems. The certificate includes the private key. This allows attackers to create trusted certificates and perform impersonation, man-in-the-middle (MiTM), and passive decryption attacks, resulting in the exposure of sensitive information.
Dell System Detect (DSD) is an application that runs on your Windows-based PC or Tablet with your permission and interacts with the Dell Support website. DSD is pre-installed on some Dell systems. DSD installs a trusted root certificate (DSDTestProvider) that includes the private key.
Dell systems that have been re-imaged or do not otherwise have DSD installed are not affected.
An attacker can generate certificates signed by the DSDTestProvider CA. Systems that trusts the DSDTestProvider CA will trust any certificate issued by the CA. An attacker can impersonate web sites and other services, sign software and email messages, and decrypt network traffic and other data. Common attack scenarios include impersonating a web site, performing a MiTM attack to decrypt HTTPS traffic, and installing malicious software.
Mark DSDTestProvider certificate as untrusted
Vendor Information (Learn More)
|Vendor||Status||Date Notified||Date Updated|
|Dell||Affected||-||25 Nov 2015|
CVSS Metrics (Learn More)
Reported in a blog post by Hanno Böck.
This document was written by Brian Gardiner.
- CVE IDs: Unknown
- Date Public: 24 Nov 2015
- Date First Published: 24 Nov 2015
- Date Last Updated: 01 Dec 2015
- Document Revision: 34
If you have feedback, comments, or additional information about this vulnerability, please send us email.