image
Five high-severity security flaws in Dell’s firmware update driver are impacting potentially hundreds of millions of Dell desktops, laptops, notebooks and tablets, researchers said. The bugs have gone undisclosed for 12 years, and could allow the ability to bypass security products, execute code and pivot to other parts of the network for lateral movement, according to SentinelLabs. The multiple local privilege-escalation (LPE) bugs exist in the firmware update driver version 2.3 (dbutil_2_3.sys) module, which has been in use since 2009. The driver component handles Dell firmware updates via the Dell BIOS Utility, and it comes pre-installed on most Dell machines running Windows. “Hundreds of millions of Dell devices have updates pushed on a regular basis, for both consumer and enterprise systems,” according to SentinelLabs researchers, writing in a Tuesday blog posting. The five bugs are collectively tracked as CVE-2021-21551, and they carry a CVSS vulnerability-severity rating of 8.8 out of 10. Privilege Escalation to Kernel-Mode Researchers reported that the flaws allow adversaries to escalate their status from non-administrator user to having kernel-mode privileges. The five bugs specifically are: LPE No. 1, due to memory corruption LPE No 2, also due to memory corruption LPE No. 3, due to a lack of input validation LPE No. 4, also due to a lack of input validation Denial of service flaw, due to a code-logic issue SentinelLabs researchers said they’re withholding a…

Source