Remember the Dell BIOS driver vulnerability that was posted 10 days ago? The vuln risk score was 18.52, and now it is 16.68 (downgraded).
What's new?
A Metasploit module (PoC) has been released; CVSS3 has also been downgraded from 8.8 to 7.8.
Below is the latest threat intelligence (new interface). 🙈🙉🙊
└─$ ./kvi-cli.py -v cve 2021-21551 -cz
[*] Searching cve-[['2021-21551']] vulnerability definitions within Kenna.VI+....
[ CVE Description ]
[*] CVE_ID : CVE-2021-21551
[_] Desc : Dell dbutil_2_3.sys driver contains an insufficient access control vulnerability which may lead to escalation of privileges, denial of service, or information disclosure. Local authenticated user access is required.
[ Kenna.VM Summary ]
[*] Vuln Risk : 16.6855
[*] Easily_Exploit : True
[*] Malware_Exploit : False
[*] Popular_Target : False
[*] Active_Internet_Breach : False
[ Kenna.VI+ ]
[*] Successful_Exploitations : 0
[*] Velocity (D/W/M) : 0/0/0
[*] Daily_Trend : holding
[*] Pre_NVD : True [_FALSE_]
[*] RCE : True [_FALSE_]
[*] Predicted_Exploitable : False (0.2411% confidence)
[ Kenna.VI+ Details ]
[_] Created_at : 2021-01-04T18:00:05Z
[_] Published : 2021-05-04T16:15:00Z
[_] Last_Modified : 2021-05-10T21:10:00Z
[ Links / References ]
[*] Malware sample : 0
[_] Exploits/POC [1]:
[ --> ] created_at : 2021-05-15T06:00:18Z
[ --> ] external_id : exploit/windows/local/cve_2021_21551_dbutil_memmove
[ --> ] name : Dell DBUtil_2_3.sys IOCTL memmove
[ --> ] url : http://www.rapid7.com/db/modules/exploit/windows/local/cve_2021_21551_dbutil_memmove
[_] Fixes [1]:
[ --> ] external_id : dell-driver-cve-2021-21551-dsa-2021-088
[ --> ] url : None
[ --> ] product : None
[ --> ] published_at : 2021-05-04T00:00:00Z
[_] Threat Actors [0]:
[ --> ] None
[ CVSS2 / CVSS3 Details ]
                | Impact  |   |                | CVSS_Access
================+=========+===+================+==============
Availability    | Partial |   | Complexity     | Low
Confidentiality | Partial |   | Vector         | Local access
Integrity       | Partial |   | Authentication | None required
              | CVSS_V2                                   | CVSS_V3
==============+===========================================+===========================================================
Base Score    | 4.600                                     | 7.800
Exploit_Score | 3.900                                     | 1.800
Impact_Score  | 6.400                                     | 5.900
Temporal      | 3.400                                     | None
Vector        | AV:L/AC:L/Au:N/C:P/I:P/A:P/E:U/RL:OF/RC:C | CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
[ Others ]
[*] Vulnerable Products [1] :
[ --> ] cpe:2.3:a:dell:dbutil_2_3.sys:-:*:*:*:*:*:*:*
[ CVE Malware Family Info : None ]
[ CVE Chatter Info : None ]
[ CVE History : CVE-2021-21551 ]
[*] ID : 2930594
[*] Vuln Risk Score : 17
[*] History : 2
[**] changed_at : 2021-05-05T04:14:52.000Z
[**] from : 25
[**] to : 19
[**] changed_at : 2021-05-11T04:03:25.000Z
[**] from : 19
[**] to : 17
[ High_Profile_Vulnerability ]
[!!!] CVE-2021-21551 (16.6855) : ['hpv_poc']
** [5] threads completed [4 tasks] / [2.23 KB] within [3.98 sec].