CVE-2021-21571

Name of the Vulnerable Software and Affected Versions Dell UEFI BIOS (affected versions not specified)

Description The issue concerns an improper certificate validation vulnerability in the Dell UEFI BIOS https stack, which is used by the Dell BIOSConnect feature and Dell HTTPS Boot feature. This vulnerability can be exploited by a remote unauthenticated attacker using a person-in-the-middle attack, potentially leading to a denial of service and payload tampering.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.