Security News > 2021 > May > Vulnerable Dell driver puts hundreds of millions of systems at risk

Vulnerable Dell driver puts hundreds of millions of systems at risk
2021-05-04 13:07

A driver that's been pushed for the past 12 years to Dell computer devices for consumers and enterprises contains multiple vulnerabilities that could lead to increased privileges on the system.

It is estimated that hundreds of millions of Dell computers, from desktops and laptops to tablets, received the vulnerable driver through BIOS updates.

A collection of five flaws, collectively tracked as CVE-2021-21551, have been discovered in DBUtil, a driver from that Dell machines install and load during the BIOS update process and is unloaded at the next reboot.

The remedy is a fixed driver but the researcher says that at the moment of writing the report the company had not revoked the certificate for the vulnerable driver, meaning that an adversary on the network can still use it in an attack.

Despite the longevity of the vulnerable DBUtil driver and the large number of potential victims, SentinelOne says that they have not seen any indicators about these vulnerabilities being exploited in the wild.

The company has published a video to show that a vulnerable DBUtil driver can be exploited to achieve local privilege escalation on a target system.


News URL

https://www.bleepingcomputer.com/news/security/vulnerable-dell-driver-puts-hundreds-of-millions-of-systems-at-risk/

Related Vulnerability

DATE CVE VULNERABILITY TITLE RISK
2021-05-04 CVE-2021-21551 Unspecified vulnerability in Dell Dbutil 2 3.Sys
Dell dbutil_2_3.sys driver contains an insufficient access control vulnerability which may lead to escalation of privileges, denial of service, or information disclosure.
local
low complexity
dell
7.8

Related vendor

VENDOR LAST 12M #/PRODUCTS LOW MEDIUM HIGH CRITICAL TOTAL VULNS
Dell 1678 29 437 430 109 1005