The bug, tracked as CVE-2021-21551, affects version 2.3 of DBUtil (the file dbutil_2_3.sys), a Dell driver that the company's BIOS and firmware update utilities load so that the OS and system apps can interact with the computer's BIOS and hardware.
In a report published today and shared with The Record, security firm SentinelOne said it found a vulnerability that could allow threat actors to reach driver functions that are not properly access-controlled and, through them, execute malicious code at kernel level, which gives them full SYSTEM privileges.
Researchers said the DBUtil vulnerability could not be exploited over the internet to access unpatched systems remotely. Instead, threat actors who had already gained initial access to a computer, even as an unprivileged local user, could abuse this bug to take complete control over the compromised PC, in what the security community typically describes as a local privilege escalation vulnerability.
This kind of bug is nothing out of the ordinary. It is typical of third-party kernel drivers, many of which were written years ago without much attention to secure coding practices. Because such drivers carry a valid vendor signature, they also keep loading on Windows systems long after a flaw is known, so an attacker can bring a copy of the vulnerable driver along rather than rely on finding it already installed.
SentinelOne said it has worked with Dell since December to make sure fixes are available. The company said it plans to release proof-of-concept code for CVE-2021-21551 on June 1. It recommended that system administrators and users apply the Dell DBUtil updates before then.
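As an added example that is not part of the article and not Dell's or SentinelOne's own tooling, the PowerShell function below checks a Windows host for the vulnerable driver: it looks for dbutil_2_3.sys in the temporary directories where Dell's update utilities leave it behind, and for any kernel driver service whose image is that file. The file locations are the ones Dell's utilities are known to use; the assumption is that a copy anywhere on the system is worth reporting, since a validly signed driver can be loaded from any path.

```powershell
# Added example: locate the vulnerable Dell driver (dbutil_2_3.sys) on a Windows host.
# Not from the article or from Dell/SentinelOne. Paths checked are the system temp
# directory and every user's local temp directory, where Dell's update utilities
# drop the driver; the Win32_SystemDriver check catches a copy loaded from anywhere.

function Find-DbutilDriver {
    [CmdletBinding()]
    param()

    $findings = @()

    # 1. Files left behind by Dell's BIOS/firmware update utilities.
    $candidates = @("$env:SystemRoot\Temp\dbutil_2_3.sys")
    Get-ChildItem -Path "$env:SystemDrive\Users" -Directory -ErrorAction SilentlyContinue |
        ForEach-Object {
            $candidates += Join-Path $_.FullName 'AppData\Local\Temp\dbutil_2_3.sys'
        }

    foreach ($path in $candidates) {
        if (Test-Path -LiteralPath $path) {
            # Record the signer so the analyst can confirm it is the genuine Dell-signed file.
            $sig = Get-AuthenticodeSignature -LiteralPath $path
            $findings += [pscustomobject]@{
                Kind   = 'File'
                Where  = $path
                Detail = "signer=$($sig.SignerCertificate.Subject); status=$($sig.Status)"
            }
        }
    }

    # 2. A kernel driver service, running or not, whose image is dbutil_2_3.sys.
    #    This catches a copy brought in by an attacker rather than by Dell's installer.
    Get-CimInstance -ClassName Win32_SystemDriver -ErrorAction SilentlyContinue |
        Where-Object { $_.PathName -match 'dbutil_2_3\.sys' } |
        ForEach-Object {
            $findings += [pscustomobject]@{
                Kind   = 'Driver'
                Where  = $_.PathName
                Detail = "service=$($_.Name); state=$($_.State); start=$($_.StartMode)"
            }
        }

    return $findings
}

# Usage: run from an elevated prompt so that every user's temp directory is readable.
$result = @(Find-DbutilDriver)
if ($result.Count -eq 0) {
    Write-Host 'No dbutil_2_3.sys file or registered driver service found.'
} else {
    $result | Format-Table -AutoSize
    Write-Warning 'Remove the file and any driver service that points to it as Dell advises, then apply the vendor fix.'
}
```

A hit in the Driver category on a machine that never ran a Dell update utility is the more interesting finding, because it suggests the driver was brought in deliberately. Removing the file alone does not help on such a host; the driver service entry has to go too, and a driver block rule (for example through Windows Defender Application Control) is what prevents the signed file from being loaded again.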
CrowdStrike security expert Alex Ionescu said it was the third time that someone reported the same issue to the hardware vendor in two years.