CVE-2021-21551 PoC — Dell dbutil Driver 安全漏洞

Source

https://github.com/ch3rn0byl/CVE-2021-21551

Associated Vulnerability

Title:Dell dbutil Driver 安全漏洞 (CVE-2021-21551)
Description:Dell dbutil Driver是美国戴尔（Dell）公司的一个应用软件。提供了戴尔公司设备的一个驱动程序。 Dell dbutil Driver 存在安全漏洞，该漏洞源于戴尔dbutil驱动程序dbutil 2 .sys中不正确的访问限制。以下产品及版本受到影响：DBUtil: 2.3 。

Readme

# CVE-2021-21551

A PoC that exploits Dell's dbutil_2_3 driver. Will get code execution on a system that has HVCI disabled as shown below:    

![thangothang](https://github.com/ch3rn0byl/CVE-2021-21551/blob/master/Images/Capture.PNG)

Ouptut:    
![thangothang](https://github.com/ch3rn0byl/CVE-2021-21551/blob/master/Images/Capture2.PNG)

The write-up for this code can be found here: https://ch3rn0byl.com/2021/05/a-dell-cve-2021-21551/

File Snapshot


 [4.0K]  /data/pocs/493baa63edc508d9a498a1bbc4a9216533f8381b
├── [4.0K]  CVE-2021-21551
│   ├── [1.2K]  base.cpp
│   ├── [ 527]  base.h
│   ├── [2.7K]  CVE-2021-21551.cpp
│   ├── [7.4K]  CVE-2021-21551.vcxproj
│   ├── [2.2K]  CVE-2021-21551.vcxproj.filters
│   ├── [3.3K]  DellBiosUtil.cpp
│   ├── [4.4K]  DellBiosUtil.h
│   ├── [1.9K]  resolve.cpp
│   ├── [1.0K]  resolve.h
│   └── [2.2K]  typesndefs.h
├── [1.4K]  CVE-2021-21551.sln
├── [4.0K]  Images
│   ├── [ 31K]  Capture2.PNG
│   └── [ 65K]  Capture.PNG
└── [ 440]  README.md

2 directories, 14 files

Shenlong Bot has cached this for you

Remarks

1. It is advised to access via the original source first.

2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).

3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.

Goal Reached Thanks to every supporter — we hit 100%!