Patch issued to tackle critical security issues present in Dell driver software since 2009
On Tuesday, SentinelLabs reported that a researcher on their team had discovered 5 serious vulnerabilities in Dell’s DBUtil BIOS driver. This technology is used in Dell’s desktop and laptop PCs, notebooks, and tablet products, therefore affecting a wide range of Dell’s offerings. The team reported that the flaws have existed within the driver since 2009, however, there is no indication that the bugs have been exploited in the wild as of right now.
The driver comes pre-installed on many Dell machines running Windows, according to the researchers. There has been one CVE assigned to address the five vulnerabilities disclosed by SentinelLabs, CVE-2021-21551. Two of the bugs are centered around memory corruption issues in the driver while two are security failures due to a lack of input validation. One of the vulnerabilities was found to allow for denial-of-service attacks. Dell has since patched the issues and released an update to its customers.