SECURITY
Dell Technologies Inc. today issued an urgent patch to address vulnerabilities found in hundreds of millions of computers sold by the company since 2009.
Discovered and publicized today by researchers at SentinelLabs, the five vulnerabilities, tracked collectively as CVE-2021-21551, affect DBUtil 2.3, a Dell BIOS driver that allows the operating system and system apps to interact with the computer’s hardware and with its BIOS, the firmware used in booting up a computer.
Rated with a CVSS score of 8.8 on a scale of 10, the vulnerabilities include four that can be exploited for privilege escalation and one that can be used for a denial-of-service attack. The five collectively cover memory corruption, input validation and a code-logic issue.
It’s serious enough that Dell has created a knowledge base article as well as provided a fix. But the vulnerabilities cannot be exploited via the internet; they can be exploited only by an attacker with direct access to the affected device. With access to a device, an attacker, through privilege escalation, can execute arbitrary code with kernel-mode permissions. In doing so, the attacker could bypass security products and take full control of the device.
“An attacker with access to an organization’s network may also gain access to execute code on unpatched Dell systems and use this vulnerability to gain local elevation of privilege,” the researchers noted. “Attackers can then leverage other techniques to pivot to the broader network, like lateral movement.”
On the positive side, the researchers said that they haven’t seen any indication that the vulnerabilities are being exploited in the wild yet. They added that with hundreds of millions of enterprises and users currently vulnerable, they believe it’s inevitable that attackers will seek out those who don’t take the appropriate action.
Dell advises customers to immediately remove the vulnerable dbutil_2_3.sys driver from affected systems, either by downloading and running a utility that removes the driver or by removing it manually. After that’s done, users should then obtain and run the latest firmware update packages through the appropriate update utility package: Dell Command Update, Dell Update, Alienware Update, Dell System Inventory Agent or Dell Platform Tags as applicable.
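For administrators who need to confirm whether the driver is present before and after running the removal step, the following PowerShell inventory check is an added example. It is not Dell's removal utility and is not taken from the advisory. The article does not say where the file is stored, so the script assumes every fixed local drive should be searched unless other roots are supplied.

```powershell
# Added example: inventory check for the driver file named in the article.
# Assumption: the article gives no install path, so all fixed local drives
# are searched by default; pass -Root to narrow or widen the search.
param(
    [string[]]$Root = ([System.IO.DriveInfo]::GetDrives() |
        Where-Object { $_.DriveType -eq 'Fixed' -and $_.IsReady } |
        ForEach-Object { $_.Name }),
    [string]$DriverFile = 'dbutil_2_3.sys'
)

# 1. Copies of the file on disk, with hash and signer for the triage record.
$onDisk = foreach ($r in $Root) {
    Get-ChildItem -Path $r -Filter $DriverFile -File -Recurse -Force -ErrorAction SilentlyContinue |
        ForEach-Object {
            $sig  = Get-AuthenticodeSignature -FilePath $_.FullName
            $hash = Get-FileHash -Algorithm SHA256 -Path $_.FullName -ErrorAction SilentlyContinue
            [pscustomobject]@{
                Path      = $_.FullName
                SHA256    = $hash.Hash
                Signer    = $sig.SignerCertificate.Subject
                LastWrite = $_.LastWriteTimeUtc
            }
        }
}

# 2. Kernel driver services whose image path still points at that file.
#    A registered or running entry means the driver can still be reached
#    even if a copy on disk has already been deleted.
$registered = Get-CimInstance -ClassName Win32_SystemDriver |
    Where-Object { $_.PathName -like "*$DriverFile" } |
    Select-Object Name, State, StartMode, PathName

# 3. One result object per host, plus an exit code fleet tooling can read.
[pscustomobject]@{
    Computer   = $env:COMPUTERNAME
    FilesFound = @($onDisk).Count
    Files      = $onDisk
    Services   = $registered
}
if ($onDisk -or $registered) { exit 1 } else { exit 0 }
```

Run it from an elevated prompt so that protected directories are readable; an exit code of 1 marks a host that still needs the removal step.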