Dell has released a patch that addresses a number of vulnerabilities in its DBUtil BIOS driver after a security researcher discovered that the driver in question could potentially be abused by an attacker to gain elevated system privileges.
The vulnerable driver was first found by security researcher Kasif Dekel from SentinelLabs, and the team informed the PC giant of its findings back in December of last year. According to the US-based cybersecurity firm, the driver has been vulnerable since 2009, although there is no evidence at this time that its flaws have been exploited in the wild.
The DBUtil BIOS driver comes pre-installed on many Dell laptops and desktops running Windows and is responsible for Dell Firmware Updates via the Dell BIOS Utility. It is estimated that hundreds of millions of devices from the company received the vulnerable driver via BIOS updates.
Five separate flaws
After analyzing the DBUtil driver more closely, Dekel found a collection of five flaws, currently tracked as CVE-2021-21551 by Dell, that can be exploited to “escalate privileges from a non-administrator user to kernel mode privileges”.
Of the five separate flaws found in Dell’s driver, two are memory corruption issues, two are security failures caused by a lack of input validation and one is a logic issue that could potentially be exploited to trigger denial-of-service. In addition to discovering these flaws, Dekel has also created Proof-of-Concept (PoC) code which he plans to release on June 1 in order to give Dell users time to apply the company’s patch.
In a new blog post, Dekel explained SentinelLabs’ decision to release its research publicly, saying:
“While we haven’t seen any indicators that these vulnerabilities have been exploited in the wild up till now, with hundreds of millions of enterprises and users currently vulnerable, it is inevitable that attackers will seek out those that do not take the appropriate action. Our reason for publishing this research is to not only help our customers but also the community to understand the risk and to take action.”
Dell users should check out the company’s new advisory and FAQ document, which contain remediation steps for these flaws. As Dekel mentioned, users should install Dell’s updated DBUtil driver as soon as possible to avoid falling victim to any potential attacks attempting to exploit these security flaws.