On the 4th May, 2021, a security researcher at SentinelOne (a cybersecurity company) discovered the five bugs vulnerability in DBUtil driver version 2.3 which may lead to escalation of privileges, denial of service, or information disclosure.
Five (5) flaws have collectively been tracked as CVE-2021-21551, found in the DBUtil driver on the Dell machines. This driver file may have been installed on your Dell Windows operating system when you used firmware update utility packages, Dell Command Update, Dell Update, Alienware Update, Dell System Inventory Agent, or Dell Platform Tags, including when using any Dell notification solution to update drivers, BIOS, or firmware for your system and unpacked during it’s next reboot.
How it works
The five (5) bug flaw which allows escalation of privileges from a non-administrative user, to kernel mode privileges, provides an attacker with high level permissions that can see unrestricted access to all hardware available on the system, including referencing memory addresses. The vulnerability severity is not listed as critical, since exploitation by the attacker requires compromising the computer in advance. However, it should be noted that treat actors and malware can gain persistence on infected systems.
- Immediately remove the vulnerable DBUtil 2.3 driver from affected systems
- Obtain and run the latest firmware update utility package
For more information on this alert kindly follow this URL:
The Guyana National CIRT recommends that users and administrators review this alert and apply the solutions where necessary.
- Vulnerable Dell driver puts hundreds of millions of systems at risk (4th May, 2021). Retrieved from Bleepingcomputer
- Dell patches vulnerable driver in a decade of IT products, computers and laptops (4th May, 2021). Retrieved from SCmagazine.