Home / Early Warning / Cybersecurity Highlights / Dell pre-installed root certificates

Dell pre-installed root certificates

11/23/2015

It has been revealed that some Dell computers incorporate two certificates to establish encrypted connections without being verified by a certificate authority on Dell computers. The first to be discovered is eDellRoot, a root certificate preinstalled in the range of laptops XPS and includes its own private key. The second is the DSDTestProvider certificate, the certificate is installed through Dell Detector system in the root certificate of equipment and includes its own private key. These two vulnerabilities allow an attacker to generate false certificates which allow a fraudulent HTTPS connection. Dell has made available information to uninstall this certificates of the devices.