Five flaws in one
A collection of five flaws, collectively tracked as CVE-2021-21551, have been discovered in DBUtil, a driver from that Dell machines install and load during the BIOS update process and is unloaded at the next reboot.
Looking closer at the DBUtil driver, Kasif Dekel, a security researcher at cybersecurity company SentinelOne, found that it can be exploited “to escalate privileges from a non-administrator user to kernel mode privileges.”
Code from an attacker running with this level of permissions would have unrestricted access to all hardware available on the system, including referencing any memory address.
This type of vulnerability is not considered critical because an attacker exploiting it needs to have compromised the computer beforehand. However, it allows threat actors and malware to gain persistence on the infected system.
Although there is a single tracking number, Dekel says that there are five separate flaws, most of them leading to privilege escalation and one code logic issue that leads to denial of service.