The vulnerability exists in the dbutil_2_3.sys driver. This driver file may have been installed on your Dell Windows operating system when you used firmware update utility packages, Dell Command Update, Dell Update, Alienware Update, Dell System Inventory Agent, or Dell Platform Tags, including when using any Dell notification solution to update drivers, BIOS, or firmware for your system. To best protect yourself, Dell recommends removing the dbutil_2_3.sys driver from your system by following one of three options listed in Remediation Step 1 below.The bug, tracked as CVE-2021-21551, impacts version 2.3 of DBUtil, a Dell BIOS driver that allows the OS and system apps to interact with the computer’s BIOS and hardware.
In a report published today and shared with The Record, security firm SentinelOne said it found a vulnerability in this driver that could be abused to allow threat actors access driver functions and execute malicious code with SYSTEM and kernel-level privileges.
The company said it plans to release proof-of-concept code for CVE-2021-21551 on June 1. It recommended that system administrators and users apply the Dell DBUtil updates until then.
Dell has remediated the dbutil driver and has released firmware update utility packages for supported platforms running Windows 10, Dell Command Update, Dell Update, Alienware Update, Dell System Inventory Agent and Dell Platform Tags. For supported platforms on Windows when you: * install a remediated package containing the BIOS, Thunderbolt firmware, TPM firmware, or dock firmware; or * update Dell Command Update, Dell Update, or Alienware Update; or * install the latest version of Dell System Inventory Agent or Dell Platform Tags,