Security researcher found enough vulnerable σημεία σε ένα driver που έχει εγκατασταθεί σε εκατομμύρια συστήματα με Windows της Dell τα τελευταία 12 χρόνια. Αυτές οι vulnerabilities can allow an attacker to perform privilege escalation.
The vulnerability (CVE-2021-21551) in Dell's DBUtil Windows driver is found in All-in-One and 2-in-1 systems.
Dell on the other hand issued it warning security DSA-2021-088: Dell Client Platform Security Update for an Insufficient Access Control Vulnerability in the Dell dbutil Driver and FAQ says:
Dell dbutil_2_3.sys driver contains access control vulnerabilities, which could lead to escalation of privileges, denial of service or disclosure of information. Local user access authentication required.
The vulnerability (CVE-2021-21551) exists in the dbutil_2_3.sys driver and has a severity rating of 8 (out of 10). The driver may be installed on almost any system Dell running the Windows operating system if the firmware update utility packages, Dell Command Update, Dell Update, Alienware Update, Dell System Inventory Agent or the Dell Platform Tags.
Kasif Dekel, a security researcher at SentinelOne, he said the following vulnerabilities cited as CVE-2021-21551 but did not disclose all details, for obvious reasons.
- CVE-2021-21551: Local Elevation Of Privileges # 1 - Memory corruption
- CVE-2021-21551: Local Elevation Of Privileges # 2 - Memory corruption
- CVE-2021-21551: Local Elevation Of Privileges # 3 - Lack of input validation
- CVE-2021-21551: Local Elevation Of Privileges # 4 - Lack of input validation
- CVE-2021-21551: Denial Of Service - Code logic issue
These vulnerabilities are not considered very critical, because an attacker who tries to exploit them must have already compromised the computer. However, they allow malicious users and malware to remain on the infected system.