The firmware update driver component is responsible for Dell Firmware Updates via the Dell Bios Utility.
The findings of the vulnerability was proactively reported by SentinelLabs to Dell on Dec 1, 2020.
Local authenticated user access is required before this vulnerability can be exploited, Dell said in the advisory.
We remediated a vulnerability (CVE-2021-21551) in a driver (dbutil_2_3.sys) affecting certain Windows-based Dell computers.
We have seen no evidence this vulnerability has been exploited by malicious actors to date.
We appreciate the researchers working directly with us to sort out the issue.
source: www.techworm.net
