Dell’s line of Dell laptop, tablet and tablet computers manufactured after 2009 is at risk of being exploited and granting an administrator access to the system. Accordingly, hundreds of millions of Dell computers could be attacked if hackers took advantage of this vulnerability.
The cause is indicated by five system drive security flaws found in most Dell computers manufactured after 2009. Vulnerability group CVE 2021-21551 can be used to crash system, steal information, and even change privileges for complete control of a computer. The vulnerability can be exploited as soon as the user logs into the device or when opening applications.
Casif Dekel, SentinelOne’s chief security researcher, warns: “Even though we haven’t seen any signs that these vulnerabilities have been exploited on a large scale, with hundreds of millions of businesses and users at high risk, attackers will soon discover the vulnerability. Like we’re not taking appropriate action.”
The errors can be found on Dell’s Firmware and Driver Update page, and it’s worth noting that it’s very easy to exploit this vulnerability. Basically, a Dell driver accepts commands from any user or program on the device without security checks or access control to determine the privileges of the person issuing the command.
System-specific commands are the IOCTL command that directs the driver to move memory content from one location to another, allowing an attacker to read and write RAM. When this step is reached, the operating system on the victim’s computer has been almost controlled by the bad guy and can be installed with rootkit tools for the bad guys to control and attack the computer remotely without being detected.
Dell computer drivers also allow reading and writing to I / O. Altogether, there are two memory errors, two input validation errors and one logic error. Some of them are relatively easy to exploit, while others are difficult to exploit.
After bug hunters reported these bugs to Dell in December 2020, Dell released a patched driver update and a set of questions and answers (FAQ) on the topic. The correction is expected to be released from May 10.
Refer to Softpedia
