CVE-2021-21556

CVSS 6.1 MEDIUMEPSS 0.3%CWE-121

Vexday Risk Score

13Low

SSVC decision (CISA)

Track

No exploitation signal → monitor

CVSS 6.1EPSS 0.3%KEV nãoPoC —Nuclei —Metasploit —Patch —

Lifecycle

14 Jun 2021Published on NVD

Recommendation: Monitor — no exploitation signal at the moment.

Dell PowerEdge R640, R740, R740XD, R840, R940, R940xa, MX740c, MX840c, and T640 Server BIOS contain a stack-based buffer overflow vulnerability in systems with NVDIMM-N installed. A local malicious user with high privileges may potentially exploit this vulnerability, leading to a denial of Service, arbitrary code execution, or information disclosure in UEFI or BIOS Preboot Environment.

CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:L

Affected products

Dell · PowerEdge BIOS Intel 15G

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

https://www.dell.com/support/kbdoc/000187958