A security vulnerability in Dell software has reportedly remained unpatched for almost two years, allowing Chinese hackers to exploit it. The flaw involves hardcoded login credentials in a tool, raising concerns about data security.
Reports indicate that a zero-day flaw in Dell's software has gone unpatched for nearly two years, creating a significant security risk. According to TechRadar, this vulnerability stems from login credentials being hardcoded in a tool, which has reportedly been exploited by Chinese hackers.
The issue highlights ongoing challenges in software patching, particularly for enterprise tools where such oversights can lead to unauthorized access. No specific details on the affected products or the extent of exploitation were provided in the initial reports, but the duration of the unpatched status—nearly two years—underscores the urgency for remediation.
Dell has not yet issued a public response in the available information, leaving users potentially exposed. Cybersecurity experts emphasize the importance of timely updates to mitigate such risks, especially when state-sponsored actors are involved.
This incident adds to a series of supply chain vulnerabilities in major tech firms, reminding organizations to audit third-party tools rigorously.