Hundreds of millions of Dell computers are affected by a 12-year-old vulnerability in version 2.3 of the Dell BIOS driver.

The flaw could lead to increased privileges on the system and was discovered by researchers from SentinelLabs.

It is estimated that hundreds of millions of Dell computers, from desktops and laptops to tablets, received the vulnerable driver through BIOS updates.

A collection of five flaws, collectively tracked as CVE-2021-21551, was discovered in DBUtil, a driver that Dell machines install and load during the BIOS update process and that is unloaded at the next reboot.

Kasif Dekel, a security researcher at SentinelOne, found that it can be exploited “to escalate privileges from a non-administrator user to kernel mode privileges.”

An attacker running with this level of permissions would have unrestricted access to all hardware available on the system, including referencing any memory address.

This type of vulnerability is not considered critical because it requires an attacker to compromise the computer beforehand. But it permits threat actors and malware to gain persistence on the infected system.

The five flaws, most of them leading to privilege escalation and one a code logic issue that leads to denial of service, are:

  • CVE-2021-21551: Local Elevation Of Privileges #1 – Memory corruption
  • CVE-2021-21551: Local Elevation Of Privileges #2 – Memory corruption
  • CVE-2021-21551: Local Elevation Of Privileges #3 – Lack of input validation
  • CVE-2021-21551: Local Elevation Of Privileges #4 – Lack of input validation
  • CVE-2021-21551: Denial Of Service – Code logic issue

The researcher plans to share proof-of-concept exploit code on June 1st.

Dell has prepared a security advisory for this vulnerability. The remedy is a fixed driver, but as of now the company has not revoked the certificate for the vulnerable driver, which means that an adversary on the network can still use it in an attack.

So far, there are no indicators of these vulnerabilities being exploited in the wild.

The post Hundreds of millions Of Dell PCs affected by driver flaws first appeared on Cybersafe News.
