Dell BIOSConnect stack-based overflow [CVE-2021-21573]

Overview :

A vulnerability classified as critical was found in Dell BIOSConnect (affected version unknown). Affected by this vulnerability is some unknown processing. Upgrading eliminates this vulnerability.

Affected Product(s) :

Alienware m15 R6, Inspiron, OptiPlex, Latitude, Vostro, XPS – version 3

Vulnerability Details :

CVE ID :

CVE-2021-21573

Dell BIOSConnect feature contains a buffer overflow vulnerability.

An authenticated malicious admin user with local access to the system may potentially exploit this vulnerability to run arbitrary code and bypass UEFI restrictions.

Solution :
Dell recommends all customers update to the latest Dell Client BIOS version at the earliest opportunity. Customers who choose not to apply BIOS updates immediately or who are otherwise unable to do so now, should apply the below mitigation.

Contact us to get started

CVE-2024-20418 : CISCO IOS XE CONTROLLER WEB-BASED MANAGEMENT INTERFACE COMMAND INJECTION

Description A vulnerability in the web-based management interface of Cisco Unified Industrial Wireless Software for Cisco Ultra-Reliable Wireless Backhaul (URWB)

Learn more

CVE-2024-20536 : CISCO DATA CENTER NETWORK MANAGER 12.1.2E/12.1.2P/12.1.3B WEB-BASED MANAGEMENT INTERFACE/REST API ENDPOINT SQL INJECTION

Description A vulnerability in a REST API endpoint and web-based management interface of Cisco Nexus Dashboard Fabric Controller (NDFC) could

Learn more

CVE-2024-50340 : SYMFONY INJECTION

Description symfony/runtime is a module for the Symphony PHP framework which enables decoupling PHP applications from global state. When the

Learn more