QID 375589

Date Published: 2021-05-27

QID 375589: Dell Driver Insufficient Access Control Vulnerability

Dbutil_2_3.sys packaged with Dell Client firmware update utility packages and software tools.

Dell dbutil_2_3.sys driver contains an insufficient access control vulnerability which may lead to escalation of privileges, denial of service, or information disclosure.

QID Detection Logic (Authenticated)
This checks for the presence of fdbutil_2_3.sys file on the target.

Successful exploitation of this vulnerability may lead to escalation of privileges, denial of service, or information disclosure.

CVSS V3 rated as High - 7.8 severity.

CVSS V2 rated as Medium - 4.6 severity.

Solution

For more information regarding the update DSA-2021-088

Vendor References

DSA-2021-088 - www.dell.com/support/kbdoc/en-in/000186019/dsa-2021-088-dell-client-platform-security-update-for-dell-driver-insufficient-access-control-vulnerability?utm_source=narrativ

CVEs related to QID 375589

CVE-2021-21551 |

Software Advisories

Advisory ID	Software	Component	Link
DSA-2021-088			www.dell.com/support/kbdoc/en-in/000186019/dsa-2021-088-dell-client-platform-security-update-for-dell-driver-insufficient-access-control-vulnerability?utm_source=narrativ

By selecting these links, you may be leaving CVEreport webspace. We have provided these links to other websites because they may have information that would be of interest to you. No inferences should be drawn on account of other sites being referenced, or not, from this page. There may be other websites that are more appropriate for your purpose. CVEreport does not necessarily endorse the views expressed, or concur with the facts presented on these sites. Further, CVEreport does not endorse any commercial products that may be mentioned on these sites. Please address comments about any linked pages to [email protected].