CVE-2021-21551CISA KEV: Actively Exploited

Dell dbutil Driver Insufficient Access Control Vulnerability

Published Mar 31, 2022·Updated Mar 31, 2022

Description

Dell dbutil driver contains an insufficient access control vulnerability which may lead to escalation of privileges, denial-of-service (DoS), or information disclosure.

Public Exploits & PoCs13 found

PoC: CVE-2021-21551

Exploit to SYSTEM for CVE-2021-21551

236

PoC: Dell-Driver-EoP-CVE-2021-21551

Dell Driver EoP (CVE-2021-21551)

22

PoC: CVE-2021-21551

arbitrary kernel read/write in dbutil_2_3.sys, Proof of Concept Local Privilege Escalation to nt authority/system

20

PoC: CVE-2021-21551-POC

An extended proof-of-concept for the CVE-2021-21551 Dell ‘dbutil_2_3.sys’ Kernel Exploit.

4

PoC: Driver-RW

Page Table Manipulation -- CVE-2021-21551

2

PoC: kernel-mii

Cobalt Strike (CS) Beacon Object File (BOF) foundation for kernel exploitation using CVE-2021-21551.

1

PoC: PS-CVE-2021-21551

Script to patch your domain computers about the CVE-2021-21551. Privesc on machines that have the driver dbutil_2_3.sys, installed by some DELL tools (BIOS updater, SupportAssist...)

1

PoC: cve-2021-21551-PoC

This repo contain a PoC I have done when blind analysis the dbutil_2_3.sys driver for vulnerability. This was created by personal analysis without looking at writeups or even know which CVE exist in this driver. All the knowledge I have is that this driver is vulnerable in some way.

PoC: CVE-2021-21551

Exploit implementation for CVE-2021-21551

PoC: CVE-2021-21551

Proof of concept exploit for CVE-2021-21551

PoC: CVE-2021-21551

Dell dbutil_2_3.sys driver exploit

PoC: CVE-2021-21551

This example is inspired by https://www.mitchellzakocs.com/blog/dbutil#exploitation-and-proof-of-concept and used in my windows rootkit. an exploit that lets me free use of reading/write from/to any virtual/physical memory address in any size i want.

PoC: CVE-2021-21551

Dell Driver EoP (CVE-2021-21551)

References

View on NVD Search GitHub Search Google

Get alerted for CVEs like this

Register your stack and get notified within minutes when a matching CVE drops.

Start monitoring free