Security News > 2021 > May > Vulnerable Dell driver puts hundreds of millions of systems at risk
A driver that's been pushed for the past 12 years to Dell computer devices for consumers and enterprises contains multiple vulnerabilities that could lead to increased privileges on the system.
It is estimated that hundreds of millions of Dell computers, from desktops and laptops to tablets, received the vulnerable driver through BIOS updates.
A collection of five flaws, collectively tracked as CVE-2021-21551, have been discovered in DBUtil, a driver from that Dell machines install and load during the BIOS update process and is unloaded at the next reboot.
The remedy is a fixed driver but the researcher says that at the moment of writing the report the company had not revoked the certificate for the vulnerable driver, meaning that an adversary on the network can still use it in an attack.
Despite the longevity of the vulnerable DBUtil driver and the large number of potential victims, SentinelOne says that they have not seen any indicators about these vulnerabilities being exploited in the wild.
The company has published a video to show that a vulnerable DBUtil driver can be exploited to achieve local privilege escalation on a target system.
News URL
Related Vulnerability
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2021-05-04 | CVE-2021-21551 | Unspecified vulnerability in Dell Dbutil 2 3.Sys Dell dbutil_2_3.sys driver contains an insufficient access control vulnerability which may lead to escalation of privileges, denial of service, or information disclosure. | 7.8 |