ByteOS Network

NVD Vulnerability Details :

CVE-2021-21551

Analyzed

Source-security_alert@emc.com

View Known Exploited Vulnerability (KEV) details

Published At-04 May, 2021 | 16:15

Updated At-28 Oct, 2025 | 14:05

Dell dbutil_2_3.sys driver contains an insufficient access control vulnerability which may lead to escalation of privileges, denial of service, or information disclosure. Local authenticated user access is required.

CISA Catalog

Date Added	Due Date	Vulnerability Name	Required Action
2022-03-31	2022-04-21	Dell dbutil Driver Insufficient Access Control Vulnerability	Apply updates per vendor instructions.

Date Added: 2022-03-31

Due Date: 2022-04-21

Vulnerability Name: Dell dbutil Driver Insufficient Access Control Vulnerability

Required Action: Apply updates per vendor instructions.

Metrics

Type	Version	Base score	Base severity	Vector
Secondary	3.1	8.8	HIGH	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
Primary	3.1	7.8	HIGH	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Primary	2.0	4.6	MEDIUM	AV:L/AC:L/Au:N/C:P/I:P/A:P

Type: Secondary

Version: 3.1

Base score: 8.8

Base severity: HIGH

Vector:

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H

Type: Primary

Version: 3.1

Base score: 7.8

Base severity: HIGH

Vector:

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Type: Primary

Version: 2.0

Base score: 4.6

Base severity: MEDIUM

Vector:

AV:L/AC:L/Au:N/C:P/I:P/A:P

CPE Matches

Dell Inc.

>>dbutil>>Versions up to 2.3(inclusive)

cpe:2.3:a:dell:dbutil:*:*:*:*:*:*:*:*

Dell Inc.

>>alienware_14>>-

cpe:2.3:h:dell:alienware_14:-:*:*:*:*:*:*:*

Dell Inc.

>>alienware_17_51m_r2>>-

cpe:2.3:h:dell:alienware_17_51m_r2:-:*:*:*:*:*:*:*

Dell Inc.

>>alienware_area_51>>-

cpe:2.3:h:dell:alienware_area_51:-:*:*:*:*:*:*:*

Dell Inc.

>>alienware_asm100>>-

cpe:2.3:h:dell:alienware_asm100:-:*:*:*:*:*:*:*

Dell Inc.

>>alienware_asm100r2>>-

cpe:2.3:h:dell:alienware_asm100r2:-:*:*:*:*:*:*:*

Dell Inc.

>>alienware_m14xr2>>-

cpe:2.3:h:dell:alienware_m14xr2:-:*:*:*:*:*:*:*

Dell Inc.

>>alienware_m15_r4>>-

cpe:2.3:h:dell:alienware_m15_r4:-:*:*:*:*:*:*:*

Dell Inc.

>>alienware_m17xr4>>-

cpe:2.3:h:dell:alienware_m17xr4:-:*:*:*:*:*:*:*

Dell Inc.

>>alienware_m18xr2>>-

cpe:2.3:h:dell:alienware_m18xr2:-:*:*:*:*:*:*:*

Dell Inc.

>>canvas_27>>-

cpe:2.3:h:dell:canvas_27:-:*:*:*:*:*:*:*

Dell Inc.

>>cheng_ming_3967>>-

cpe:2.3:h:dell:cheng_ming_3967:-:*:*:*:*:*:*:*

Dell Inc.

>>chengming_3967>>-

cpe:2.3:h:dell:chengming_3967:-:*:*:*:*:*:*:*

Dell Inc.

>>chengming_3977>>-

cpe:2.3:h:dell:chengming_3977:-:*:*:*:*:*:*:*

Dell Inc.

>>chengming_3980>>-

cpe:2.3:h:dell:chengming_3980:-:*:*:*:*:*:*:*

Dell Inc.

>>chengming_3988>>-

cpe:2.3:h:dell:chengming_3988:-:*:*:*:*:*:*:*

Dell Inc.

>>chengming_3990>>-

cpe:2.3:h:dell:chengming_3990:-:*:*:*:*:*:*:*

Dell Inc.

>>chengming_3991>>-

cpe:2.3:h:dell:chengming_3991:-:*:*:*:*:*:*:*

Dell Inc.

>>dock_wd15>>-

cpe:2.3:h:dell:dock_wd15:-:*:*:*:*:*:*:*

Dell Inc.

>>dock_wd19>>-

cpe:2.3:h:dell:dock_wd19:-:*:*:*:*:*:*:*

Dell Inc.

>>embedded_box_pc_5000>>-

cpe:2.3:h:dell:embedded_box_pc_5000:-:*:*:*:*:*:*:*

Dell Inc.

>>g15_5510>>-

cpe:2.3:h:dell:g15_5510:-:*:*:*:*:*:*:*

Dell Inc.

>>g3_3500>>-

cpe:2.3:h:dell:g3_3500:-:*:*:*:*:*:*:*

Dell Inc.

>>g3_3579>>-

cpe:2.3:h:dell:g3_3579:-:*:*:*:*:*:*:*

Dell Inc.

>>g3_3779>>-

cpe:2.3:h:dell:g3_3779:-:*:*:*:*:*:*:*

Dell Inc.

>>g5_5000>>-

cpe:2.3:h:dell:g5_5000:-:*:*:*:*:*:*:*

Dell Inc.

>>g5_5090>>-

cpe:2.3:h:dell:g5_5090:-:*:*:*:*:*:*:*

Dell Inc.

>>g5_5500>>-

cpe:2.3:h:dell:g5_5500:-:*:*:*:*:*:*:*

Dell Inc.

>>g5_5587>>-

cpe:2.3:h:dell:g5_5587:-:*:*:*:*:*:*:*

Dell Inc.

>>g5_5590>>-

cpe:2.3:h:dell:g5_5590:-:*:*:*:*:*:*:*

Dell Inc.

>>g7_7500>>-

cpe:2.3:h:dell:g7_7500:-:*:*:*:*:*:*:*

Dell Inc.

>>g7_7588>>-

cpe:2.3:h:dell:g7_7588:-:*:*:*:*:*:*:*

Dell Inc.

>>g7_7590>>-

cpe:2.3:h:dell:g7_7590:-:*:*:*:*:*:*:*

Dell Inc.

>>g7_7700>>-

cpe:2.3:h:dell:g7_7700:-:*:*:*:*:*:*:*

Dell Inc.

>>g7_7790>>-

cpe:2.3:h:dell:g7_7790:-:*:*:*:*:*:*:*

Dell Inc.

>>gaming_g3_3590>>-

cpe:2.3:h:dell:gaming_g3_3590:-:*:*:*:*:*:*:*

Dell Inc.

>>inspiron_11-3162>>-

cpe:2.3:h:dell:inspiron_11-3162:-:*:*:*:*:*:*:*

Dell Inc.

>>inspiron_1122>>-

cpe:2.3:h:dell:inspiron_1122:-:*:*:*:*:*:*:*

Dell Inc.

>>inspiron_1210>>-

cpe:2.3:h:dell:inspiron_1210:-:*:*:*:*:*:*:*

Dell Inc.

>>inspiron_13_5370>>-

cpe:2.3:h:dell:inspiron_13_5370:-:*:*:*:*:*:*:*

Dell Inc.

>>inspiron_14-3452>>-

cpe:2.3:h:dell:inspiron_14-3452:-:*:*:*:*:*:*:*

Dell Inc.

>>inspiron_14-5459>>-

cpe:2.3:h:dell:inspiron_14-5459:-:*:*:*:*:*:*:*

Dell Inc.

>>inspiron_14_5468>>-

cpe:2.3:h:dell:inspiron_14_5468:-:*:*:*:*:*:*:*

Dell Inc.

>>inspiron_14_7460>>-

cpe:2.3:h:dell:inspiron_14_7460:-:*:*:*:*:*:*:*

Dell Inc.

>>inspiron_14_gaming_7466>>-

cpe:2.3:h:dell:inspiron_14_gaming_7466:-:*:*:*:*:*:*:*

Dell Inc.

>>inspiron_14_gaming_7467>>-

cpe:2.3:h:dell:inspiron_14_gaming_7467:-:*:*:*:*:*:*:*

Dell Inc.

>>inspiron_15-3552>>-

cpe:2.3:h:dell:inspiron_15-3552:-:*:*:*:*:*:*:*

Dell Inc.

>>inspiron_15-5559>>-

cpe:2.3:h:dell:inspiron_15-5559:-:*:*:*:*:*:*:*

Dell Inc.

>>inspiron_15-5565>>-

cpe:2.3:h:dell:inspiron_15-5565:-:*:*:*:*:*:*:*

Dell Inc.

>>inspiron_15_5566>>-

cpe:2.3:h:dell:inspiron_15_5566:-:*:*:*:*:*:*:*

Weaknesses

CWE ID	Type	Source
CWE-782	Secondary	security_alert@emc.com
NVD-CWE-Other	Primary	nvd@nist.gov

CWE ID: CWE-782

Type: Secondary

Source: security_alert@emc.com

CWE ID: NVD-CWE-Other

Type: Primary

Source: nvd@nist.gov

References

Hyperlink	Source	Resource
http://packetstormsecurity.com/files/162604/Dell-DBUtil_2_3.sys-IOCTL-Memory-Read-Write.html	security_alert@emc.com	Exploit Third Party Advisory VDB Entry
http://packetstormsecurity.com/files/162739/DELL-dbutil_2_3.sys-2.3-Arbitrary-Write-Privilege-Escalation.html	security_alert@emc.com	Exploit Third Party Advisory VDB Entry
https://www.dell.com/support/kbdoc/en-us/000186019/dsa-2021-088-dell-client-platform-security-update-for-dell-driver-insufficient-access-control-vulnerability	security_alert@emc.com	Mitigation Vendor Advisory
http://packetstormsecurity.com/files/162604/Dell-DBUtil_2_3.sys-IOCTL-Memory-Read-Write.html	af854a3a-2127-422b-91ae-364da2661108	Exploit Third Party Advisory VDB Entry
http://packetstormsecurity.com/files/162739/DELL-dbutil_2_3.sys-2.3-Arbitrary-Write-Privilege-Escalation.html	af854a3a-2127-422b-91ae-364da2661108	Exploit Third Party Advisory VDB Entry
https://www.dell.com/support/kbdoc/en-us/000186019/dsa-2021-088-dell-client-platform-security-update-for-dell-driver-insufficient-access-control-vulnerability	af854a3a-2127-422b-91ae-364da2661108	Mitigation Vendor Advisory
https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2021-21551	134c704f-9b21-4f2e-91b3-4a467353bcc0	US Government Resource

Hyperlink: http://packetstormsecurity.com/files/162604/Dell-DBUtil_2_3.sys-IOCTL-Memory-Read-Write.html

Source: security_alert@emc.com

Resource:

Exploit

Third Party Advisory

VDB Entry

Hyperlink: http://packetstormsecurity.com/files/162739/DELL-dbutil_2_3.sys-2.3-Arbitrary-Write-Privilege-Escalation.html

Source: security_alert@emc.com

Resource:

Exploit

Third Party Advisory

VDB Entry

Hyperlink: https://www.dell.com/support/kbdoc/en-us/000186019/dsa-2021-088-dell-client-platform-security-update-for-dell-driver-insufficient-access-control-vulnerability

Source: security_alert@emc.com

Resource:

Mitigation

Vendor Advisory

Hyperlink: http://packetstormsecurity.com/files/162604/Dell-DBUtil_2_3.sys-IOCTL-Memory-Read-Write.html

Source: af854a3a-2127-422b-91ae-364da2661108

Resource:

Exploit

Third Party Advisory

VDB Entry

Hyperlink: http://packetstormsecurity.com/files/162739/DELL-dbutil_2_3.sys-2.3-Arbitrary-Write-Privilege-Escalation.html

Source: af854a3a-2127-422b-91ae-364da2661108

Resource:

Exploit

Third Party Advisory

VDB Entry

Hyperlink: https://www.dell.com/support/kbdoc/en-us/000186019/dsa-2021-088-dell-client-platform-security-update-for-dell-driver-insufficient-access-control-vulnerability

Source: af854a3a-2127-422b-91ae-364da2661108

Resource:

Mitigation

Vendor Advisory

Hyperlink: https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2021-21551

Source: 134c704f-9b21-4f2e-91b3-4a467353bcc0

Resource:

US Government Resource

CISA Catalog

Metrics

CPE Matches

Weaknesses

Evaluator Description

Evaluator Impact

Evaluator Solution

Vendor Statements

References

Change History