Notebookcheck Logo

Dell's firmware update driver has harbored severe security bugs for over a decade, according to researchers

A Core i7 XPS 13. (Source: Dell)
A Core i7 XPS 13. (Source: Dell)
Dell has issued numerous patches as part of its latest Security Advisory (DSA-2021-088) in response to findings of a "severe" CVE consisting of five different privilege-exploit bugs that have apparently been in effect for the last 12 years. Fortunately, they have never been acted upon, which, as they could have allowed unauthorized users to write data or manipulate memory.

The security research group SentinelLabs claims to have discovered potentially dangerous bugs in a common Dell driver that, as it claims, poses potentially "far reaching and significant" ramifications for hundreds of millions of individual and enterprise users with PCs from the OEM worldwide. 

The lab asserts that the vulnerabilities are found in the Dell firmware update driver module v2.3 (dbutil_2_3.sys) , which has been active on the company's machines since 2009. There are apparently 5 of these flaws, 4 of which are local privilege escalations (LPEs) and 1 a denial-of-service (DoS) bug.

Of the LPEs, 2 are described as arising from memory corruption and 2 from input validation deficiencies. According to SentinelLabs, they may lead to various entry-points for non-privileged users, one of the more prominent of which is the ability to enact input/output control (IOCTL) requests without reference to an access-control list (ACL).

This license to override ACLs (a set of rules intended to restrict access to privileged users only) might allow a malicious actor to create read/write vulnerabilities, or interact with components such as GPUs or hard drives. The 5 bugs are now known collectively as CVE-2021-21551, which holds a severity rating of 8.8 out of 10.

Then again, SentinelLabs also note they have no record of the flaws ever having been exploited (perhaps we would have heard of them sooner had this occurred). It apprised Dell of the situation long before publishing its research publicly, resulting in the Security Advisory DSA-2021-088 being pushed to all PCs running the affected driver.

However, the security team finds the measure unsatisfactory, claiming that its "certificate was not yet revoked (at the time of writing)". Nevertheless, installing the new fixed driver found in the recent DSA is advised to best protect against the potential security issues.

First thing to do on setting up your new XPS 13, then.


static version load dynamic
Loading Comments
Comment on this article
Please share our article, every link counts!
> Expert Reviews and News on Laptops, Smartphones and Tech Innovations > News > News Archive > Newsarchive 2021 05 > Dell's firmware update driver has harbored severe security bugs for over a decade, according to researchers
Deirdre O'Donnell, 2021-05- 7 (Update: 2021-05- 7)