Skip to main content
Need help with a cyber incident now?
Call 24/7: +31 88-2747800

Dell Driver Vulnerabilities

By 5 May 2021 September 9th, 2021 CERT, SOC, Vulnerability

This blog contains information about the Dell drivers vulnerabilities. As soon as we have an update, we’ll add it to this post. More information about possible risks and details can be found at the bottom of this blog.

Update May 5, 2021

18:00 | A vulnerability has been found in one of Dell’s kernel drivers labeled CVE-2021-21551. This vulnerability affects hundreds of models, which can be found in the tables on the page of the patch. The error concerns an incorrectly implemented access control, which can cause “privilege escalation”, “denial of service” or “information disclosure”.

Attention: Patching only solves part of the problem, as the problem can be re-occur after a backup has been put back. In addition to patching, it is therefor recommended to set the monitoring for the reappearance of the file ‘dbutil_2_3.sys’.

Reason and background of this blog

This blog contains information about vulnerabilities, the possible risk and advice on how to prevent or limit damage. Below are the possible risks, details and background information.

Potential risk

There is a patch from Dell that only partially fixes the problem, however. The problem or danger is mainly that if someone makes (or has) a backup, the bug will be available again through a downgrade attack. After the patch (mainly in temporary directories such as TEMP), the file dbutil_2_3.sys can be regarded as an Indicator of Compromise.

Detail info

The following CVE references belong to this vulnerability.

Background

Learn more about Dell Driver vulnerabilities on this external source.

Subscribe

Do you want to be informed in time? Sign up for our technical updates

Would you like to receive these critical vulnerabilities by e-mail from now on? Enter your e-mail address below.

Tesorion uses your personal data to send out requested information and possibly for contact by telephone and for marketing and sales purposes. You can change your preferences whenever you want. Read our privacy policy for more information.