Download and run a remediated firmware update utility package, Dell Command Update, Dell Update, Alienware Update, Dell System Inventory Agent, or Dell Platform Tags as applicable.Immediately remove the vulnerable dbutil_2_3.sys driver from the affected system.Remediation steps are outlined in greater detail in the Dell advisory (also linked below). The bugs allow an attacker with existing lower-privilege access to escalate and effect some real damage, such as bypass security controls, destroy data, or traverse the network to other crtical assets such as domain controllers. Hundreds of millions of Dell tablets, notebooks, and laptops are at risk of having the vulnerabilities exploited. Visit Dell advisory DSA-2021-088 to see the table of effected devices, which includes both currently supported and end-of-life products. The list of affected devices is exhaustive. Local access just means that any foothold in the operating system, such as that established by downloaded malware or a phishing attack, could position the attacker to exploit these vulnerabilties. “Local authenticated user access” should not be interpreted as physical access. Local authenticated user access is first required before this vulnerability can be exploited. Input Validation: two vulnerability instancesĪ driver (dbutil_2_3.sys) packaged with Dell Client firmware update utility packages and software tools contains an insufficient access control vulnerability which may lead to escalation of privileges, denial of service, or information disclosure.Memory Corruption: two vulnerability instances Product Name: DELL Computer Drivers Update Version: 1.0 Description : Description Kaseya script to update an DELL computers silently with the latest DELL.While it is tracked in a single CVE, the five vulnerabilities can be broken down into the following categories: What is the nature of the vulnerabilties?Īll five vulnerabilities are tracked in CVE-2021-21551 (CVSS 8.8) which was identified by SentinelOne researchers and noted to be implemented on hundreds of millions of business and consumer machines over the last 12 years. Owners and administrators of affected devices should apply patches ASAP. exe driver installation file and follow the on-screen instructions to complete the installation process.Dell has issued an advisory to patch five high-severity zero-day vulnerabilities that have gone undetected since 2009. The flaws, linked to a single driver file, allow escalation of privileges and kernel-level access on already compromised hosts.
0 Comments
Leave a Reply. |