CVE-2021-21551- Millions Of Dell Computers At Risk – Multiple BIOS Driver Privilege Escalation Flaws

– SentinelLabs has discovered five high severity flaws in Dell’s firmware update driver impacting Dell desktops, laptops, notebooks and tablets.
– Attackers may exploit these vulnerabilities to locally escalate to kernel-mode privileges.
Since 2009, Dell has released hundreds of millions of Windows devices worldwide which contain the vulnerable driver.
– SentinelLabs findings were proactively reported to Dell on Dec 1, 2020 and are tracked as CVE-2021-21551 , marked with CVSS Score 8.8.
– Dell has released a security update to its customers to address this vulnerability.
At this time, SentinelOne has not discovered evidence of in-the-wild abuse.