Dell Computers Contain CA Root Certificate Vulnerability

Original release date: November 24, 2015

Dell consumer personal computers using the preinstalled certificate authority (CA) root certificate (eDellRoot) contain a critical vulnerability. This preinstalled root certificate resides on newer Dell laptops and desktops. Exploitation of the vulnerability could allow a remote attacker to read all encrypted web browser traffic (HTTPS), successfully impersonate (spoof) any website, or perform other attacks on the affected system.

US-CERT encourages users and administrators to review Vulnerability Note VU#870761 and Dell’s blog post for more information and guidance on removing the certificate.


This product is provided subject to this Notification and this Privacy & Use policy.

Source: US-CERT