Vulnerability Details : CVE-2021-21551

Dell dbutil_2_3.sys driver contains an insufficient access control vulnerability which may lead to escalation of privileges, denial of service, or information disclosure. Local authenticated user access is required.
Vulnerability category: Bypass, Gain privilege, Denial of service, Information leak
Published 2021-05-04 16:15:08
Updated 2022-07-14 15:42:46
Source Dell
At least one public exploit which can be used to exploit this vulnerability exists!
CVE-2021-21551 is in the CISA Known Exploited Vulnerabilities Catalog
CISA vulnerability name:
Dell dbutil Driver Insufficient Access Control Vulnerability
CISA required action:
Apply updates per vendor instructions.
CISA description:
Dell dbutil driver contains an insufficient access control vulnerability which may lead to escalation of privileges, denial-of-service, or information disclosure.
Added on 2022-03-31; action due date 2022-04-21

Exploit prediction scoring system (EPSS) score for CVE-2021-21551

Probability of exploitation activity in the next 30 days: 0.15%

Percentile, the proportion of vulnerabilities that are scored at or less: ~ 51 %

Metasploit modules for CVE-2021-21551

  • Dell DBUtil_2_3.sys IOCTL memmove
    Disclosure Date : 2021-05-04
    exploit/windows/local/cve_2021_21551_dbutil_memmove
    The DBUtil_2_3.sys driver distributed by Dell exposes an unprotected IOCTL interface that can be abused by an attacker to read and write kernel-mode memory.
    Authors: Kasif Dekel, SentinelLabs, Spencer McIntyre

CVSS scores for CVE-2021-21551

| Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Source |
|---|---|---|---|---|---|
| 4.6 | MEDIUM | AV:L/AC:L/Au:N/C:P/I:P/A:P | 3.9 | 6.4 | [email protected] |
| 7.8 | HIGH | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H | 1.8 | 5.9 | [email protected] |
| 8.8 | HIGH | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H | 2.0 | 6.0 | [email protected] |

CWE ids for CVE-2021-21551

References for CVE-2021-21551

Products affected by CVE-2021-21551
