Jim K Global Moderator Posted May 5, 2021 Global Moderator Share Posted May 5, 2021 FYI Quote // Executive Summary SentinelLabs has discovered five high severity flaws in Dell’s firmware update driver impacting Dell desktops, laptops, notebooks and tablets. Attackers may exploit these vulnerabilities to locally escalate to kernel-mode privileges. Since 2009, Dell has released hundreds of millions of Windows devices worldwide which contain the vulnerable driver. SentinelLabs findings were proactively reported to Dell on Dec 1, 2020 and are tracked as CVE-2021-21551, marked with CVSS Score 8.8. Dell has released a security update to its customers to address this vulnerability. At this time, SentinelOne has not discovered evidence of in-the-wild abuse. //snip Sentinel Labs Dell KB/solution and list of affected computers (practically every Dell since 2009 and some Alienware/Cheng Ming) DSA-2021-088: Dell Client Platform Security Update for an Insufficient Access Control Vulnerability in the Dell dbutil Driver Link to comment Share on other sites More sharing options...
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now