May 07, 2021
Dell users may want to check if their laptop or PC is affected.
Dell
Security firm SentinelOne has found flaws in Dell’s firmware update driver dating back to 2009. Attackers may exploit these vulnerabilities to locally escalate to kernel-mode privilege on Dell PCs, laptops, and servers. The full list of affected devices is listed on the Dell website.
In his report, Senior Security Researcher at SentinelOne Kasif Dekel said that the flaw is a combination of five vulnerabilities collectively called CVE-2021-21551 that exists in the dbutil_2_3.sys driver.
Four of the flaws lead to privilege escalation with the last leading to a denial of service.