BIOS PrivEsc Bugs That Affect Millions of Dell PCs Worldwide

Dell has issued an update fixing several critical vulnerabilities that have gone unnoticed since 2009. The flaws allow a local attacker to gain kernel-mode privileges and can also be used to trigger denial-of-service conditions.

The issue was reported to Dell by the researchers on 1 December 2020. The flaws live in dbutil_2_3.sys, a driver that Dell's firmware (BIOS) update utilities install on the system, so millions of Dell laptops, desktops, tablets and notebooks are affected.

The dbutil_2_3 driver contains an insufficient access control vulnerability that can lead to privilege escalation, information disclosure, denial of service and other attacks. Exploitation requires local authenticated access: the attacker must already be able to run code as an ordinary user on the machine.
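As a practical check, the following PowerShell script, added here and not part of the original article or of Dell's advisory, looks for dbutil_2_3.sys on a Windows host and optionally removes it. It assumes the driver is dropped to each user's AppData\Local\Temp folder or to C:\Windows\Temp (the locations Dell's remediation guidance points at) and that, when loaded, it shows up as a kernel driver service whose image path ends in dbutil_2_3.sys; the -Remove switch is this script's own and is not a Dell tool.

```powershell
# Added example: find (and optionally remove) the vulnerable dbutil_2_3.sys driver on a Windows host.
# Not code from Dell or from the original article. Assumptions: the driver is dropped to the
# per-user Temp folder or %SystemRoot%\Temp, and a loaded copy appears as a kernel driver
# service whose image path ends in dbutil_2_3.sys. Run from an elevated PowerShell prompt.
[CmdletBinding()]
param(
    [switch]$Remove   # Stop/delete the driver service and delete the files instead of only reporting
)

$DriverFile = 'dbutil_2_3.sys'

# Candidate drop locations: the system Temp folder plus every user profile's Temp folder.
$searchRoots = @(Join-Path $env:SystemRoot 'Temp')
$searchRoots += Get-ChildItem -Path (Join-Path $env:SystemDrive 'Users') -Directory -ErrorAction SilentlyContinue |
    ForEach-Object { Join-Path $_.FullName 'AppData\Local\Temp' }

$found = foreach ($root in $searchRoots) {
    if (Test-Path -LiteralPath $root) {
        Get-ChildItem -LiteralPath $root -Filter $DriverFile -File -ErrorAction SilentlyContinue
    }
}

# Is a copy currently registered or loaded as a kernel driver? Win32_SystemDriver lists kernel-mode services.
$loaded = Get-CimInstance -ClassName Win32_SystemDriver |
    Where-Object { $_.PathName -and $_.PathName -match [regex]::Escape($DriverFile) }

if (-not $found -and -not $loaded) {
    Write-Host "No $DriverFile found on disk or registered as a driver."
    return
}

foreach ($d in $loaded) {
    Write-Warning ("Vulnerable driver registered: service '{0}' state={1} image={2}" -f $d.Name, $d.State, $d.PathName)
    if ($Remove) {
        # sc.exe is used because Stop-Service/Remove-Service do not operate on kernel driver services.
        & sc.exe stop $d.Name | Out-Null
        & sc.exe delete $d.Name | Out-Null
    }
}

foreach ($f in $found) {
    # Record the hash so the finding can be matched against the vendor's published indicators later.
    $hash = (Get-FileHash -LiteralPath $f.FullName -Algorithm SHA256).Hash
    Write-Warning ("Vulnerable driver on disk: {0} (SHA256 {1})" -f $f.FullName, $hash)
    if ($Remove) {
        Remove-Item -LiteralPath $f.FullName -Force
        Write-Host "Removed $($f.FullName)"
    }
}
```

Run it once without -Remove to inventory a machine, and with -Remove to clean it. Deleting the file only closes the window until a Dell update utility drops the driver again, so the lasting fix is to update the Dell firmware-update tools to a version that no longer ships dbutil_2_3.sys.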


All five flaws share a single CVE identifier, CVE-2021-21551, with a CVSS score of 8.8. They are listed below:

  • CVE-2021-21551: Local Elevation of Privileges #1 – Memory corruption
  • CVE-2021-21551: Local Elevation of Privileges #2 – Memory corruption
  • CVE-2021-21551: Local Elevation of Privileges #3 – Lack of input validation
  • CVE-2021-21551: Local Elevation of Privileges #4 – Lack of input validation
  • CVE-2021-21551: Denial of Service – Code logic issue

According to the researchers' analysis, the vulnerability lets a local, non-privileged user escalate privileges and run code in kernel mode. With kernel privileges an attacker can also disable or bypass security products and operating-system security features.

Because these are local privilege escalation bugs, they cannot be exploited directly over the internet: the attacker first needs access to a non-administrator account on the vulnerable system, and then abuses the driver bug to obtain the local elevation. Once armed with kernel privileges, the attacker can chain other techniques to execute arbitrary code and move laterally across the organization.

Summing Up

Since the researchers found no evidence of in-the-wild exploitation, they said they plan to release a proof-of-concept on June 1st. They also disclosed that this was the third time the same problem had been reported to the company, and credited Scott Noone of OSR (Open Systems Resources) with reporting and analysing the vulnerabilities.
