May 05 2021

Dell fixes exploitable holes in its own firmware update driver – patch now!

Category: Hardware Security,Security vulnerabilitiesDISC @ 8:36 am

Researchers at SentinelLabs say that they found various exploitable bugs in one of Dell’s Windows kernel drivers, which they reported back in December 2020.

There were five related bugs, now collectively dubbed CVE-2021-21551.

Dell has now issued a patch for these vulnerabilities (the official update is dated 2021-05-04), noting that:

Dell dbutil_2_3.sys driver contains an insufficient access control vulnerability which may lead to escalation of privileges, denial of service, or information disclosure. Local authenticated user access is required.

Expunging the bugs

Tags: firmware update driver