A security researcher has identified several vulnerabilities in one driver που έχει εγκατασταθεί σε millions Dell Windows systems for the past 12 years. These vulnerabilities could allow an attacker to perform privilege escalation.
The vulnerability (CVE-2021-21551) in Dell's DBUtil Windows driver is found in All-in-One and 2-in-1 systems.
Dell, on the other hand, issued the security warning DSA-2021-088: Dell Client Platform Security Update for an Insufficient Access Control Vulnerability in the Dell dbutil Driver and FAQ says:
The Dell driver dbutil_2_3.sys contains a vulnerability control access, which may result in privilege escalation, denial of service, or information disclosure. Local user access authentication is required.
Η ευπάθεια (CVE-2021-21551) υπάρχει στο πρόγραμμα οδήγησης dbutil_2_3.sys και έχει πάρει βαθμολογία σοβαρότητας 8 (στα 10). Ο driver ενδέχεται να έχει εγκατασταθεί σχεδόν σε οποιοδήποτε σύστημα Dell που τρέχει το operating system των Windows αν χρησιμοποιήθηκαν τα πακέτα βοηθητικών προγραμμάτων ενημέρωσης firmware, Dell Command Update, Dell Update, Alienware Update, Dell System Inventory Agent, or the Dell Platform Tags.
Kasif Dekel, a security researcher at SentinelOne, he said the following vulnerabilities cited as CVE-2021-21551 but did not disclose all details, for obvious reasons.
- CVE-2021-21551: Local Elevation Of Privileges # 1 - Memory corruption
- CVE-2021-21551: Local Elevation Of Privileges # 2 - Memory corruption
- CVE-2021-21551: Local Elevation Of Privileges # 3 - Lack of input validation
- CVE-2021-21551: Local Elevation Of Privileges # 4 - Lack of input validation
- CVE-2021-21551: Denial Of Service - Code logic issue
These vulnerabilities are not considered very critical, because an attacker who tries to exploit them must have already compromised the computer. However, they allow malicious users and malware to remain on the infected system.