PT-2021-14620 · Dell · Dell Biosconnect

Jesse Michael

Published

2021-06-24

Updated

2021-06-30

CVE-2021-21573

CVSS v3.1

7.5

High

Vector

AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions Dell BIOSConnect (affected versions not specified)

Description The Dell BIOSConnect feature contains a buffer overflow issue. An authenticated malicious admin user with local access to the system may potentially exploit this to run arbitrary code and bypass UEFI restrictions.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Memory Corruption

Stack Overflow

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-787CWE-121

Related Identifiers

CVE-2021-21573

Affected Products

Dell Biosconnect

PT-2021-14620 · Dell · Dell Biosconnect

CVE-2021-21573

Weakness Enumeration

Related Identifiers

Affected Products

References · 3