CVE-2021-21551

Published on: 05/04/2021 12:00:00 AM UTC

Last Modified on: 05/07/2021 08:12:00 PM UTC

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H

Certain versions of Debutil 2 3.sys from Dell contain the following vulnerability:

Dell dbutil_2_3.sys driver contains an insufficient access control vulnerability which may lead to escalation of privileges, denial of service, or information disclosure. Local authenticated user access is required.

  • CVE-2021-21551 has been assigned by URL Logo [email protected] to track the vulnerability - currently rated as HIGH severity.
  • Affected Vendor/Software: URL Logo Dell - dbutil version = 2.3

CVSS3 Score: 7.8 - HIGH

Attack
Vector
Attack
Complexity
Privileges
Required
User
Interaction
LOCAL LOW LOW NONE
Scope Confidentiality
Impact
Integrity
Impact
Availability
Impact
UNCHANGED HIGH HIGH HIGH

CVSS2 Score: 4.6 - MEDIUM

Access
Vector
Access
Complexity
Authentication
LOCAL LOW NONE
Confidentiality
Impact
Integrity
Impact
Availability
Impact
PARTIAL PARTIAL PARTIAL

CVE References

Description Tags Link
Access Denied www.dell.com
text/html
Inactive LinkNot Archived
URL Logo MISC www.dell.com/support/kbdoc/en-us/000186019/dsa-2021-088-dell-client-platform-security-update-for-dell-driver-insufficient-access-control-vulnerability

Related QID Numbers

  • 375541 Dell Client Platform Security Update for Insufficient Access Control Vulnerability (DSA-2021-088)

Known Affected Configurations (CPE V2.3)

Type Vendor Product Version Update Edition Language
ApplicationDellDebutil 2 3.sys-AllAllAll
  • cpe:2.3:a:dell:debutil_2_3.sys:-:*:*:*:*:*:*:*:

Social Mentions

Source Title Posted (UTC)
Twitter Icon @ipssignatures The vuln CVE-2021-21551 has a tweet created 0 days ago and retweeted 16 times. twitter.com/MSEndpointMgr/… #pow1rtrtwwcve 2021-05-05 13:06:00
Twitter Icon @ipssignatures The vuln CVE-2021-21551 has a tweet created 0 days ago and retweeted 10 times. twitter.com/modaly_it/stat… #pow1rtrtwwcve 2021-05-05 13:06:00
Twitter Icon @kbrmemphis CVE-2021-21551- Hundreds Of Millions Of Dell Computers At Risk Due to Multiple BIOS Driver Privilege Escalation Fla… twitter.com/i/web/status/1… 2021-05-05 13:15:57
Twitter Icon @Cyber_O51NT CVE-2021-21551- Hundreds Of Millions Of Dell Computers At Risk Due to Multiple BIOS Driver Privilege Escalation Fla… twitter.com/i/web/status/1… 2021-05-05 13:32:14
Twitter Icon @digiturvamalli Satojen miljoonien Dell-laitteiden päivitysajurissa on vuosia lymyillyt haavoittuvuuksia (CVE-2021-21551), joita hy… twitter.com/i/web/status/1… 2021-05-05 13:34:01
Twitter Icon @ismop Satojen miljoonien Dell-laitteiden päivitysajurissa on vuosia lymyillyt haavoittuvuuksia (CVE-2021-21551), joita hy… twitter.com/i/web/status/1… 2021-05-05 13:42:01
Twitter Icon @RyushiAhnam 2021-05-05 13:44:25
Twitter Icon @dreger_it CVE-2021-21551: #Dell schließt 12 Jahre alte kritische Sicherheitslücke! Sind Sie betroffen und brauchen Hilfe? Ru… twitter.com/i/web/status/1… 2021-05-05 14:36:28
Twitter Icon @BThurstonCPTECH SentinelOne : RT @cyb3rops: YARA rule to detect the vulnerable Dell BIOS update driver reported in CVE-2021-21551… twitter.com/i/web/status/1… 2021-05-05 14:42:23
Twitter Icon @Dave_Cochran so this seems.... awful labs.sentinelone.com/cve-2021-21551… 2021-05-05 15:00:43
Twitter Icon @NicklasHalme Good post why you should be using Endpoint Analytics and Proactive Remediations #memcm #ConfigMgr msendpointmgr.com/2021/05/05/det… 2021-05-05 15:35:31
Twitter Icon @shanemilburn @DellTech I thought maybe you were announcing this labs.sentinelone.com/cve-2021-21551… 2021-05-05 15:42:45
Twitter Icon @PauldPdx labs.sentinelone.com/cve-2021-21551… 2021-05-05 15:52:25
Twitter Icon @Kleeblatt1977 CVE-2021-21551: Dell schließt 12 Jahre alte kritische Sicherheitslücke computerbase.de/2021-05/cve-20… 2021-05-05 17:41:56
Twitter Icon @Har_sia CVE-2021-21551 har-sia.info/CVE-2021-21551… #HarsiaInfo 2021-05-05 18:23:02
Twitter Icon @InfosecP4ul Yikes! labs.sentinelone.com/cve-2021-21551… 2021-05-05 18:34:19
Twitter Icon @SystemTek_UK BIOS PrivEsc Bugs Affect Millions of Dell PCs [CVE-2021-21551] systemtek.co.uk/2021/05/bios-p… 2021-05-05 19:42:11
Twitter Icon @6townstechteam BIOS PrivEsc Bugs Affect Millions of Dell PCs [CVE-2021-21551] systemtek.co.uk/2021/05/bios-p… 2021-05-05 19:42:12
Twitter Icon @Ben_brown10 Detect and remove Dell CVE-2021-21551 with Proactive Remediations msendpointmgr.com/2021/05/05/det… 2021-05-05 20:31:08
Twitter Icon @MMelkersen @dogsnharleys1 Use this instead msendpointmgr.com/2021/05/05/det… 2021-05-05 21:02:57
Twitter Icon @mrvallejo Hundreds of millions Of Dell PCs affected by CVE-2021-21551 flaws @cyberdefensemag #infosecurity #cybersecurity cyberdefensemagazine.com/hundreds-of-mi… 2021-05-05 21:14:32
Twitter Icon @netsecu cyberdefensemagazine.com/hundreds-of-mi… Hundreds of millions Of Dell PCs affected by CVE-2021-21551 flaws - Cyber Defense Magazine #cybersecurity 2021-05-05 21:20:05
Twitter Icon @matsuu_zatsu Dell patches 12-year-old driver vulnerability impacting millions of PCs labs.sentinelone.com/cve-2021-21551… 2021-05-05 21:26:03
Twitter Icon @tukanana “CVE-2021-21551- Hundreds Of Millions Of Dell Computers At Risk Due to Multiple BIOS Driver Privilege Escalation Fl… twitter.com/i/web/status/1… 2021-05-05 21:49:03
Twitter Icon @okita_tasty labs.sentinelone.com/cve-2021-21551… 2021-05-05 23:27:22
Twitter Icon @apulkkanen The update driver in hundreds of millions of Dell devices had a bunch of vulnerabilities for years (CVE-2021-21551)… twitter.com/i/web/status/1… 2021-05-05 23:39:01
Twitter Icon @syouta2 数億台のDell PCに脆弱性、数百万人に影響 - アップデートを news.mynavi.jp/article/202105… >Dellクライアントファームウェアアップデートドライバに脆弱性 dbutil_2_3.sysの脆弱性(CVE-2021-21551) 2021-05-06 01:19:03
Twitter Icon @Arthuz8 Cientos de millones de computadoras Dell afectadas por fallas CVE-2021-21551 cyberdefensemagazine.com/hundreds-of-mi… 2021-05-06 01:34:18
Twitter Icon @MachinaRecord ⚠️DellのPC数億台がCVE-2021-21551の欠陥の影響受ける ??JAXAなど日本の組織へのハッキング:犯人は「Tick(ダニ)」 ??接触者追跡データの漏洩で、ペンシルバニア州民72,000人以上の個人情報が流出… twitter.com/i/web/status/1… 2021-05-06 02:36:56
Twitter Icon @matthew_sec 成立までのハードルはあるもののDELLのBIOSアプデはしても良さそう。 CVE-2021-21551- Hundreds Of Millions Of Dell Computers At Risk Due to Multiple… twitter.com/i/web/status/1… 2021-05-06 03:04:26
Twitter Icon @quasarken This here reminds me of all the good work @oxidecomputer is doing. labs.sentinelone.com/cve-2021-21551… 2021-05-06 03:53:25
Twitter Icon @dexderrewedd447 ?2009年以降に出荷されたDellのデバイスに脆弱性が見つかった。 CVE-2021-21551- Hundreds Of Millions Of Dell Computers At Risk Due to Multiple… twitter.com/i/web/status/1… 2021-05-06 03:59:59
Twitter Icon @neerajaarora Hundreds of Millions of #Dell Computers Potentially #Vulnerable to Attack. #CVE-2021-21551 #TheTimesOfIndia… twitter.com/i/web/status/1… 2021-05-06 04:33:31
Twitter Icon @ohhara_shiojiri Hundreds of millions Of Dell PCs affected by CVE-2021-21551 flaws Security Affairs securityaffairs.co/wordpress/1175… 2021-05-06 05:34:32
Twitter Icon @threatmeter CVE-2021-21551 Dell dbutil_2_3.sys driver contains an insufficient access control vulnerability which may lead to e… twitter.com/i/web/status/1… 2021-05-06 07:10:19
Twitter Icon @cyberday_ai The update driver in hundreds of millions of Dell devices had a bunch of vulnerabilities for years (CVE-2021-21551)… twitter.com/i/web/status/1… 2021-05-06 09:55:01
Twitter Icon @Louise_Johnston Using Sophos EDR to identify endpoints impacted by Dell kernel driver vulnerability CVE-2021-21551 news.sophos.com/?p=74906 2021-05-06 11:04:46
Twitter Icon @uberPinto אם יש לכם לפטופ של דל (גם עתיקים מ 2009) אתם פגיעים labs.sentinelone.com/cve-2021-21551… דל אמורים לדחוף תיקון ב 10 למאי אבל אפש… twitter.com/i/web/status/1… 2021-05-06 11:22:08
Twitter Icon @inosoftag Guter Blog-Beitrag über mehrere Schwachstellen in einem Dell-Treiber. #Security #Dell labs.sentinelone.com/cve-2021-21551… 2021-05-06 12:22:01
Twitter Icon @irestartpcs Will a detection for CVE-2021-21551 be added into Threat and Vulnerability Management in MSDE? @MSThreatProtect @msftsecurity 2021-05-06 12:57:25
Twitter Icon @MerlinFromBE Although this CVE isn't yet listed on Defender's known vulnerabilities. According to it is awaiting analysis. 2021-05-06 13:02:05
Twitter Icon @SOC_Prime CVE-2021-21551: Privilege escalation #vulnerabilities in Dell BIOS driver put millions of users at risk of compromi… twitter.com/i/web/status/1… 2021-05-06 13:16:55
Twitter Icon @hidenori_tsuji 数億台のデル製PCに特権昇格の脆弱性 パッチインストール必須 pc.watch.impress.co.jp/docs/news/1322… 具体的なリスク ・CVE-2021-21551 ・スコア8.8 リモートから直接攻撃されるような危険性は低そう… twitter.com/i/web/status/1… 2021-05-06 13:49:43
Twitter Icon @nickbrown290 Dell releases an update for a severe kernel code execution vulnerability - CVE-2021-21551. If you have a Dell compu… twitter.com/i/web/status/1… 2021-05-06 13:54:25
Twitter Icon @autumn_good_35 CVE-2021-21551- Hundreds Of Millions Of Dell Computers At Risk Due to Multiple BIOS Driver Privilege Escalation Fla… twitter.com/i/web/status/1… 2021-05-06 14:04:35
Twitter Icon @autumn_good_35 CVE-2021-21551 DSA-2021-088: Dell Client Platform Security Update for an Insufficient Access Control Vulnerability… twitter.com/i/web/status/1… 2021-05-06 14:04:35
Twitter Icon @cybersec_nerd Has the prospect of remediating CVE-2021-21551 across all your Dell computers got you down? If you are unsure how t… twitter.com/i/web/status/1… 2021-05-06 15:21:06
Twitter Icon @IT_securitynews Hundreds of millions Of Dell PCs affected by CVE-2021-21551 flaws itsecuritynews.info/hundreds-of-mi… 2021-05-06 17:03:44
Twitter Icon @LawrenceTomm Hundreds of millions Of Dell PCs affected by CVE-2021-21551 flaws. securityaffairs.co/wordpress/1175… #securitynews #infosec… twitter.com/i/web/status/1… 2021-05-06 17:15:10
Twitter Icon @Har_sia CVE-2021-21551 har-sia.info/CVE-2021-21551… #HarsiaInfo 2021-05-06 18:23:02
Twitter Icon @BenTheCIO If you're managing a fleet of Dell equipment, you'll want to jump on this: lansweeper.com/vulnerability/… 2021-05-06 18:30:14
Twitter Icon @elemendar CVE-2021-21551- Hundreds Of Millions Of Dell Computers At Risk Due to Multiple BIOS Driver Privilege Escalation Fla… twitter.com/i/web/status/1… 2021-05-06 19:33:02
Twitter Icon @CervonLatvia CVE-2021-21551- Hundreds Of Millions Of Dell Computers At Risk Due to Multiple BIOS Driver Privilege Escalation Fla… twitter.com/i/web/status/1… 2021-05-06 20:14:42
Twitter Icon @opsmatters_uk The latest update for #Cyberint includes "Dell Firmware Update Driver #Vulnerability CVE-2021-21551" and "Why Your… twitter.com/i/web/status/1… 2021-05-06 21:20:30
Twitter Icon @MatthewEHudson Quickly track to see number of machines possibly affected by CVE-2021-21551   (Get-ChildItem -Path C:\Users\,C:\Win… twitter.com/i/web/status/1… 2021-05-07 00:33:02
Twitter Icon @angsuman Dell patches 12-year-old driver vulnerability impacting millions of PCs labs.sentinelone.com/cve-2021-21551… 2021-05-07 00:43:12
Twitter Icon @ZDayhacking Critical #SecurityFlaws found in #Dell, American PC and laptop manufactures, #CVE-2021-21551[#CVSS score: 8.8] lead… twitter.com/i/web/status/1… 2021-05-07 04:14:29
Twitter Icon @rootflag CVE-2021-21551- Hundreds Of Millions Of Dell Computers At Risk Due to Multiple BIOS Driver Privilege Escalation Fla… twitter.com/i/web/status/1… 2021-05-07 06:33:19
Twitter Icon @captainkirk_15 Miljoenen #Dell-computers kwetsbaar door beveiligingslek in driver; labs.sentinelone.com/cve-2021-21551… 2021-05-07 06:33:46
Twitter Icon @Void_Sec Weaponizing CVE-2021-21551, DELL dbutil_2_3.sys EoP 2021-05-07 09:10:27
Twitter Icon @rovabu CVE-2021-21551- Hundreds Of Millions Of Dell Computers At Risk Due to Multiple BIOS Driver Privilege Escalation Fla… twitter.com/i/web/status/1… 2021-05-07 11:54:41
Twitter Icon @cornichecorp CVE-2021-21551- Hundreds of Millions of Dell Computers Potentially Vulnerable to Attack. #Infosec #cybersecurity… twitter.com/i/web/status/1… 2021-05-07 12:35:17
Twitter Icon @experiencia_T CVE-2021-21551- Hundreds Of Millions Of Dell Computers At Risk Due to Multiple BIOS Driver Privilege Escalation Fla… twitter.com/i/web/status/1… 2021-05-07 14:06:13
Twitter Icon @Har_sia CVE-2021-21551 har-sia.info/CVE-2021-21551… #HarsiaInfo 2021-05-07 18:24:02
Twitter Icon @jessv_nh @VulcanCyber when I'm interested in your product and I plug in CVE-2021-21551 and get this, I'm not impressed. https://t.co/mlcnKMZ5oi 2021-05-07 18:42:09
Twitter Icon @FredericNuyts Hundreds Of Millions Of #Dell Computers At Risk Due to Multiple #BIOS Driver Privilege Escalation Flaws labs.sentinelone.com/cve-2021-21551… 2021-05-07 21:44:07
Twitter Icon @0xcada Good on SentinelLabs for waiting before releasing the PoC. We will see if a month is enough for orgs to patch. labs.sentinelone.com/cve-2021-21551… 2021-05-07 22:31:15
Reddit Logo Icon /r/blueteamsec DSA-2021-088: Dell Client Platform Security Update for an Insufficient Access Control Vulnerability in the Dell dbutil Driver - Windows LPE vulnerability in Dell BIOS driver which has been around since ~2009 - CVE-2021-21551 - Inspiron, Latitude, OptiPlex, Precision, Vostro, Wyse and XPS 2021-05-04 13:47:07
Reddit Logo Icon /r/sysadmin Dell patches 12-year-old driver vulnerability impacting millions of PCs 2021-05-04 15:23:13
Reddit Logo Icon /r/netcve CVE-2021-21551 2021-05-04 15:41:43
Reddit Logo Icon /r/technewsfrommalaysia CVE-2021-21551- Hundreds Of Millions Of Dell Computers At Risk Due to Multiple BIOS Driver Privilege Escalation Flaws 2021-05-04 20:07:19
Reddit Logo Icon /r/TechNewsToday CVE-2021-21551- Hundreds Of Millions Of Dell Computers At Risk Due to Multiple BIOS Driver Privilege Escalation Flaws 2021-05-04 20:07:05
Reddit Logo Icon /r/news CVE-2021-21551- Hundreds Of Millions Of Dell Computers At Risk Due to Multiple BIOS Driver Privilege Escalation Flaws 2021-05-04 20:05:59
Reddit Logo Icon /r/blueteamsec CVE-2021-21551- Hundreds Of Millions Of Dell Computers At Risk Due to Multiple BIOS Driver Privilege Escalation Flaws 2021-05-04 19:35:35
Reddit Logo Icon /r/Defcon CVE-2021-21551- Hundreds Of Millions Of Dell Computers At Risk Due to Multiple BIOS Driver Privilege Escalation Flaws 2021-05-04 19:34:57
Reddit Logo Icon /r/technology CVE-2021-21551- Hundreds Of Millions Of Dell Computers At Risk Due to Multiple BIOS Driver Privilege Escalation Flaws 2021-05-04 19:34:22
Reddit Logo Icon /r/Information_Security CVE-2021-21551- Hundreds Of Millions Of Dell Computers At Risk Due to Multiple BIOS Driver Privilege Escalation Flaws 2021-05-04 19:31:42
Reddit Logo Icon /r/XPS CVE-2021-21551- Hundreds Of Millions Of Dell Computers At Risk Due to Multiple BIOS Driver Privilege Escalation Flaws 2021-05-04 19:30:50
Reddit Logo Icon /r/GamingLaptops CVE-2021-21551- Hundreds Of Millions Of Dell Computers At Risk Due to Multiple BIOS Driver Privilege Escalation Flaws 2021-05-04 19:30:14
Reddit Logo Icon /r/laptops CVE-2021-21551- Hundreds Of Millions Of Dell Computers At Risk Due to Multiple BIOS Driver Privilege Escalation Flaws 2021-05-04 19:29:16
Reddit Logo Icon /r/computers CVE-2021-21551- Hundreds Of Millions Of Dell Computers At Risk Due to Multiple BIOS Driver Privilege Escalation Flaws 2021-05-04 19:28:05
Reddit Logo Icon /r/computerscience CVE-2021-21551- Hundreds Of Millions Of Dell Computers At Risk Due to Multiple BIOS Driver Privilege Escalation Flaws 2021-05-04 19:27:32
Reddit Logo Icon /r/InfoSecNews CVE-2021-21551- Hundreds Of Millions Of Dell Computers At Risk Due to Multiple BIOS Driver Privilege Escalation Flaws 2021-05-04 19:26:58
Reddit Logo Icon /r/ciso CVE-2021-21551- Hundreds Of Millions Of Dell Computers At Risk Due to Multiple BIOS Driver Privilege Escalation Flaws 2021-05-04 19:26:04
Reddit Logo Icon /r/compsci CVE-2021-21551- Hundreds Of Millions Of Dell Computers At Risk Due to Multiple BIOS Driver Privilege Escalation Flaws 2021-05-04 19:25:39
Reddit Logo Icon /r/netsec_news CVE-2021-21551- Hundreds Of Millions Of Dell Computers At Risk Due to Multiple BIOS Driver Privilege Escalation Flaws 2021-05-04 19:23:34
Reddit Logo Icon /r/DellXPS CVE-2021-21551- Hundreds Of Millions Of Dell Computers At Risk Due to Multiple BIOS Driver Privilege Escalation Flaws 2021-05-04 19:23:09
Reddit Logo Icon /r/Dell CVE-2021-21551- Hundreds Of Millions Of Dell Computers At Risk Due to Multiple BIOS Driver Privilege Escalation Flaws 2021-05-04 19:22:43
Reddit Logo Icon /r/hacking CVE-2021-21551- Hundreds Of Millions Of Dell Computers At Risk Due to Multiple BIOS Driver Privilege Escalation Flaws 2021-05-04 19:21:46
Reddit Logo Icon /r/cybersecurity CVE-2021-21551- Hundreds Of Millions Of Dell Computers At Risk Due to Multiple BIOS Driver Privilege Escalation Flaws 2021-05-04 19:20:56
Reddit Logo Icon /r/ReverseEngineering CVE-2021-21551- Hundreds Of Millions Of Dell Computers At Risk Due to Multiple BIOS Driver Privilege Escalation Flaws 2021-05-04 19:18:22
Reddit Logo Icon /r/NoFilterNews /r/news - https://labs.sentinelone.com/cve-2021-21551-hundreds-of-millions-of-dell-computers-at-risk-due-to-multiple-bios-driver-privilege-escalation-flaws/ 2021-05-04 20:41:53
Reddit Logo Icon /r/kace OVAL Catalog 2021-05-05 01:02:54
Reddit Logo Icon /r/netsec DSA-2021-088: Dell Client Platform Security Update for an Insufficient Access Control Vulnerability in the Dell dbutil Driver - Windows LPE vulnerability in Dell BIOS driver which has been around since ~2009 - CVE-2021-21551 - Inspiron, Latitude, OptiPlex, Precision, Vostro, Wyse and XPS 2021-05-05 05:11:21
Reddit Logo Icon /r/AlienwareAlpha CVE-2021-21551- Hundreds Of Millions Of Dell Computers At Risk Due to Multiple BIOS Driver Privilege Escalation Flaws 2021-05-05 05:01:46
Reddit Logo Icon /r/Intune Detect and remove Dell CVE-2021-21551 with Proactive Remediations - MSEndpointMgr 2021-05-05 10:16:19
Reddit Logo Icon /r/msp Hundreds Of Millions Of Dell Computers At Risk Due to Multiple BIOS Driver Privilege Escalation Flaws 2021-05-05 15:03:22
Reddit Logo Icon /r/homelab CVE-2021-21551- Hundreds Of Millions Of Dell Computers At Risk Due to Multiple BIOS Driver Privilege Escalation Flaws 2021-05-05 23:13:11
Reddit Logo Icon /r/sysadmin CVE-2021-21551- Hundreds Of Millions Of Dell Computers At Risk Due to Multiple BIOS Driver Privilege Escalation Flaws 2021-05-05 23:12:18
Reddit Logo Icon /r/bag_o_news CVE-2021-21551- Hundreds Of Millions Of Dell Computers At Risk Due to Multiple BIOS Driver Privilege Escalation Flaws - SentinelLabs 2021-05-06 12:41:55
Reddit Logo Icon /r/cybersecurity Dell issued an update for vulnerability CVE-2021-21551, which poses the risk of kernel code execution, privilege escalation, and denial of service 2021-05-06 14:15:11
© CVE.report 2021 Twitter Nitter Twitter Viewer |

Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.

CVE, CWE, and OVAL are registred trademarks of The MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. This site includes MITRE data granted under the following license.

CVE.report and Source URL Uptime Status status.cve.report