CVE-2021-21551 PoC — Dell dbutil Driver 安全漏洞

Source

https://github.com/nanabingies/CVE-2021-21551

Associated Vulnerability

Title:Dell dbutil Driver 安全漏洞 (CVE-2021-21551)
Description:Dell dbutil Driver是美国戴尔（Dell）公司的一个应用软件。提供了戴尔公司设备的一个驱动程序。 Dell dbutil Driver 存在安全漏洞，该漏洞源于戴尔dbutil驱动程序dbutil 2 .sys中不正确的访问限制。以下产品及版本受到影响：DBUtil: 2.3 。

Description

Dell Driver EoP (CVE-2021-21551)

Readme

# CVE-2021-21551
Dell Driver EoP (CVE-2021-21551)

# Description
Dell dbutil_2_3.sys driver contains an insufficient access control vulnerability which may lead to escalation of privileges, denial of service, or information disclosure. Local authenticated user access is required.

This exploit was tested on Windows 10 v1511. 

[Link to advisory](https://www.sentinelone.com/labs/cve-2021-21551-hundreds-of-millions-of-dell-computers-at-risk-due-to-multiple-bios-driver-privilege-escalation-flaws/)

File Snapshot


 [4.0K]  /data/pocs/67118edc88008f61ded98352c3174508387e9a20
├── [ 14K]  dbutil_2_3.sys
├── [6.3K]  Exploit.cpp
└── [ 500]  README.md

0 directories, 3 files

Shenlong Bot has cached this for you

Remarks

1. It is advised to access via the original source first.

2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).

3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.

Goal Reached Thanks to every supporter — we hit 100%!