CVE-2021-21551 – Dell dbutil Driver Insufficient Access Control Vulnerability

https://notcve.org/view.php?id=CVE-2021-21551

Dell dbutil_2_3.sys driver contains an insufficient access control vulnerability which may lead to escalation of privileges, denial of service, or information disclosure. Local authenticated user access is required. El controlador Dell dbutil_2_3.sys, contiene una vulnerabilidad de control de acceso insuficiente que puede conllevar a una escalada de privilegios, denegación de servicio o divulgación de información. Es requerido un acceso de usuario autenticado local The DBUtil_2_3.sys driver distributed by Dell exposes an unprotected IOCTL interface that can be abused by an attacker to read and write kernel-mode memory. Dell dbutil driver contains an insufficient access control vulnerability which may lead to escalation of privileges, denial-of-service (DoS), or information disclosure. • https://www.exploit-db.com/exploits/49893 https://github.com/waldo-irc/CVE-2021-21551 https://github.com/mathisvickie/CVE-2021-21551 https://github.com/ihack4falafel/Dell-Driver-EoP-CVE-2021-21551 https://github.com/ch3rn0byl/CVE-2021-21551 https://github.com/mzakocs/CVE-2021-21551-POC https://github.com/nanabingies/CVE-2021-21551 https://github.com/Eap2468/CVE-2021-21551 https://github.com/arnaudluti/PS-CVE-2021-21551 http://packetstormsecurity.com/files/162604/Dell-DBUtil& • CWE-782: Exposed IOCTL with Insufficient Access Control •