Multiple vulnerabilities in Dell PowerEdge BIOS



Published: 2022-09-23
Risk: Medium
Patch available: YES
Number of vulnerabilities: 20
CVE-ID: CVE-2021-0189
CVE-2022-21166
CVE-2022-21127
CVE-2022-21125
CVE-2022-21123
CVE-2021-0155
CVE-2021-0188
CVE-2021-0159
CVE-2021-33103
CVE-2021-33124
CVE-2021-33122
CVE-2021-0190
CVE-2021-33123
CVE-2021-0153
CVE-2021-0154
CVE-2021-21136
CVE-2021-21131
CVE-2022-0005
CVE-2022-0004
CVE-2021-33117
CWE-ID: CWE-823
CWE-200
CWE-459
CWE-252
CWE-466
CWE-20
CWE-441
CWE-787
CWE-691
CWE-248
CWE-284
CWE-264
CWE-254
Exploitation vector: Network
Public exploit: Public exploit code for vulnerability #17 is available.
Vulnerable software:
Dell PowerEdge BIOS 15G
Hardware solutions / Firmware

Dell PowerEdge BIOS 14G
Hardware solutions / Firmware

Vendor: Dell

Security Bulletin

This security bulletin contains information about 20 vulnerabilities.

1) Use of Out-of-range Pointer Offset

EUVDB-ID: #VU63176

Risk: Low

CVSSv3.1:

CVE-ID: CVE-2021-0189

CWE-ID: CWE-823 - Use of Out-of-range Pointer Offset

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to the use of an out-of-range pointer offset in the BIOS firmware. A local user can execute arbitrary code with elevated privileges.

Mitigation

Install update from vendor's website.

Vulnerable software versions

Dell PowerEdge BIOS 15G: before 1.6.5

Dell PowerEdge BIOS 14G: before 2.14.2

External links

http://www.dell.com/support/kbdoc/nl-nl/000202798/dsa-2022-246-dell-emc-vxflex-ready-node-custom-node-vxflex-ready-node-security-update-for-dell-poweredge-bios-vulnerabilities

2) Information disclosure

EUVDB-ID: #VU64366

Risk: Low

CVSSv3.1:

CVE-ID: CVE-2022-21166

CWE-ID: CWE-200 - Information Exposure

Exploit availability: No

Description

The vulnerability allows an attacker to gain access to potentially sensitive information.

The vulnerability exists in Intel processors due to excessive data output when DirectPath I/O (PCI-Passthrough) is utilized. An attacker (both local and remote) with administrative access to a virtual machine that has an attached DirectPath I/O (PCI-Passthrough) device can obtain information stored in physical memory about the hypervisor or other virtual machines that reside on the same host.

Mitigation

Install update from vendor's website.

Vulnerable software versions

Dell PowerEdge BIOS 15G: before 1.6.5

Dell PowerEdge BIOS 14G: before 2.14.2

External links

http://www.dell.com/support/kbdoc/nl-nl/000202798/dsa-2022-246-dell-emc-vxflex-ready-node-custom-node-vxflex-ready-node-security-update-for-dell-poweredge-bios-vulnerabilities

3) Incomplete cleanup

EUVDB-ID: #VU64376

Risk: Low

CVSSv3.1:

CVE-ID: CVE-2022-21127

CWE-ID: CWE-459 - Incomplete cleanup

Exploit availability: No

Description

The vulnerability allows a local user to gain access to sensitive information on the system.

The vulnerability exists due to incomplete cleanup in specific special register read operations. A local user can enable information disclosure.

Mitigation

Install update from vendor's website.

Vulnerable software versions

Dell PowerEdge BIOS 15G: before 1.6.5

Dell PowerEdge BIOS 14G: before 2.14.2

External links

http://www.dell.com/support/kbdoc/nl-nl/000202798/dsa-2022-246-dell-emc-vxflex-ready-node-custom-node-vxflex-ready-node-security-update-for-dell-poweredge-bios-vulnerabilities

4) Information disclosure

EUVDB-ID: #VU64365

Risk: Low

CVSSv3.1:

CVE-ID: CVE-2022-21125

CWE-ID: CWE-200 - Information Exposure

Exploit availability: No

Description

The vulnerability allows an attacker to gain access to potentially sensitive information.

The vulnerability exists in Intel processors due to excessive data output when DirectPath I/O (PCI-Passthrough) is utilized. An attacker (both local and remote) with administrative access to a virtual machine that has an attached DirectPath I/O (PCI-Passthrough) device can obtain information stored in physical memory about the hypervisor or other virtual machines that reside on the same host.



Mitigation

Install update from vendor's website.

Vulnerable software versions

Dell PowerEdge BIOS 15G: before 1.6.5

Dell PowerEdge BIOS 14G: before 2.14.2

External links

http://www.dell.com/support/kbdoc/nl-nl/000202798/dsa-2022-246-dell-emc-vxflex-ready-node-custom-node-vxflex-ready-node-security-update-for-dell-poweredge-bios-vulnerabilities

5) Information disclosure

EUVDB-ID: #VU64364

Risk: Low

CVSSv3.1:

CVE-ID: CVE-2022-21123

CWE-ID: CWE-200 - Information Exposure

Exploit availability: No

Description

The vulnerability allows an attacker to gain access to potentially sensitive information.

The vulnerability exists in Intel processors due to excessive data output when DirectPath I/O (PCI-Passthrough) is utilized. An attacker (both local and remote) with administrative access to a virtual machine that has an attached DirectPath I/O (PCI-Passthrough) device can obtain information stored in physical memory about the hypervisor or other virtual machines that reside on the same host.


Mitigation

Install update from vendor's website.

Vulnerable software versions

Dell PowerEdge BIOS 15G: before 1.6.5

Dell PowerEdge BIOS 14G: before 2.14.2

External links

http://www.dell.com/support/kbdoc/nl-nl/000202798/dsa-2022-246-dell-emc-vxflex-ready-node-custom-node-vxflex-ready-node-security-update-for-dell-poweredge-bios-vulnerabilities

6) Unchecked Return Value

EUVDB-ID: #VU63181

Risk: Low

CVSSv3.1:

CVE-ID: CVE-2021-0155

CWE-ID: CWE-252 - Unchecked Return Value

Exploit availability: No

Description

The vulnerability allows a local user to gain access to sensitive information.

The vulnerability exists due to an unchecked return value in the BIOS firmware. A local user can gain access to potentially sensitive information.

Mitigation

Install update from vendor's website.

Vulnerable software versions

Dell PowerEdge BIOS 15G: before 1.6.5

Dell PowerEdge BIOS 14G: before 2.14.2

External links

http://www.dell.com/support/kbdoc/nl-nl/000202798/dsa-2022-246-dell-emc-vxflex-ready-node-custom-node-vxflex-ready-node-security-update-for-dell-poweredge-bios-vulnerabilities

7) Return of pointer value outside of expected range

EUVDB-ID: #VU63180

Risk: Low

CVSSv3.1:

CVE-ID: CVE-2021-0188

CWE-ID: CWE-466 - Return of pointer value outside of expected range

Exploit availability: No

Description

The vulnerability allows a local user to gain access to sensitive information.

The vulnerability exists due to a boundary error in the BIOS firmware. A local user can force the firmware to return a pointer value outside of the expected range and gain access to potentially sensitive information.


Mitigation

Install update from vendor's website.

Vulnerable software versions

Dell PowerEdge BIOS 15G: before 1.6.5

Dell PowerEdge BIOS 14G: before 2.14.2

External links

http://www.dell.com/support/kbdoc/nl-nl/000202798/dsa-2022-246-dell-emc-vxflex-ready-node-custom-node-vxflex-ready-node-security-update-for-dell-poweredge-bios-vulnerabilities

8) Input validation error

EUVDB-ID: #VU63179

Risk: Low

CVSSv3.1:

CVE-ID: CVE-2021-0159

CWE-ID: CWE-20 - Improper Input Validation

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to insufficient validation of user-supplied input in the BIOS authenticated code module. A local user can pass specially crafted data to the affected module and execute arbitrary code on the system with elevated privileges.

Mitigation

Install update from vendor's website.

Vulnerable software versions

Dell PowerEdge BIOS 15G: before 1.6.5

Dell PowerEdge BIOS 14G: before 2.14.2

External links

http://www.dell.com/support/kbdoc/nl-nl/000202798/dsa-2022-246-dell-emc-vxflex-ready-node-custom-node-vxflex-ready-node-security-update-for-dell-poweredge-bios-vulnerabilities

9) Unintended proxy or intermediary

EUVDB-ID: #VU63178

Risk: Low

CVSSv3.1:

CVE-ID: CVE-2021-33103

CWE-ID: CWE-441 - Unintended Proxy or Intermediary ('Confused Deputy')

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to the presence of an unintended proxy in the BIOS authenticated code module. A local user can execute arbitrary code with elevated privileges.

Mitigation

Install update from vendor's website.

Vulnerable software versions

Dell PowerEdge BIOS 15G: before 1.6.5

Dell PowerEdge BIOS 14G: before 2.14.2

External links

http://www.dell.com/support/kbdoc/nl-nl/000202798/dsa-2022-246-dell-emc-vxflex-ready-node-custom-node-vxflex-ready-node-security-update-for-dell-poweredge-bios-vulnerabilities

10) Out-of-bounds write

EUVDB-ID: #VU63177

Risk: Low

CVSSv3.1:

CVE-ID: CVE-2021-33124

CWE-ID: CWE-787 - Out-of-bounds Write

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a boundary error in the BIOS authenticated code module. A local user can run a specially crafted program to trigger an out-of-bounds write error and execute arbitrary code with elevated privileges.

Mitigation

Install update from vendor's website.

Vulnerable software versions

Dell PowerEdge BIOS 15G: before 1.6.5

Dell PowerEdge BIOS 14G: before 2.14.2

External links

http://www.dell.com/support/kbdoc/nl-nl/000202798/dsa-2022-246-dell-emc-vxflex-ready-node-custom-node-vxflex-ready-node-security-update-for-dell-poweredge-bios-vulnerabilities

11) Insufficient Control Flow Management

EUVDB-ID: #VU63175

Risk: Low

CVSSv3.1:

CVE-ID: CVE-2021-33122

CWE-ID: CWE-691 - Insufficient Control Flow Management

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to insufficient control flow management in the BIOS firmware. A local user can run a specially crafted program to execute arbitrary code with elevated privileges.

Mitigation

Install update from vendor's website.

Vulnerable software versions

Dell PowerEdge BIOS 15G: before 1.6.5

Dell PowerEdge BIOS 14G: before 2.14.2

External links

http://www.dell.com/support/kbdoc/nl-nl/000202798/dsa-2022-246-dell-emc-vxflex-ready-node-custom-node-vxflex-ready-node-security-update-for-dell-poweredge-bios-vulnerabilities

12) Uncaught Exception

EUVDB-ID: #VU63099

Risk: Low

CVSSv3.1:

CVE-ID: CVE-2021-0190

CWE-ID: CWE-248 - Uncaught Exception

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to an uncaught exception in the BIOS firmware. A local user can run a specially crafted program to execute arbitrary code with elevated privileges.

Mitigation

Install update from vendor's website.

Vulnerable software versions

Dell PowerEdge BIOS 15G: before 1.6.5

Dell PowerEdge BIOS 14G: before 2.14.2

External links

http://www.dell.com/support/kbdoc/nl-nl/000202798/dsa-2022-246-dell-emc-vxflex-ready-node-custom-node-vxflex-ready-node-security-update-for-dell-poweredge-bios-vulnerabilities

13) Improper access control

EUVDB-ID: #VU63083

Risk: Low

CVSSv3.1:

CVE-ID: CVE-2021-33123

CWE-ID: CWE-284 - Improper Access Control

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to improper access restrictions in the BIOS authenticated code module. A local user can obtain elevated privileges on the system.

Mitigation

Install update from vendor's website.

Vulnerable software versions

Dell PowerEdge BIOS 15G: before 1.6.5

Dell PowerEdge BIOS 14G: before 2.14.2

External links

http://www.dell.com/support/kbdoc/nl-nl/000202798/dsa-2022-246-dell-emc-vxflex-ready-node-custom-node-vxflex-ready-node-security-update-for-dell-poweredge-bios-vulnerabilities

14) Out-of-bounds write

EUVDB-ID: #VU63082

Risk: Low

CVSSv3.1:

CVE-ID: CVE-2021-0153

CWE-ID: CWE-787 - Out-of-bounds Write

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a boundary error in the BIOS firmware. A local user can run a specially crafted program to trigger an out-of-bounds write and execute arbitrary code with elevated privileges.

Mitigation

Install update from vendor's website.

Vulnerable software versions

Dell PowerEdge BIOS 15G: before 1.6.5

Dell PowerEdge BIOS 14G: before 2.14.2

External links

http://www.dell.com/support/kbdoc/nl-nl/000202798/dsa-2022-246-dell-emc-vxflex-ready-node-custom-node-vxflex-ready-node-security-update-for-dell-poweredge-bios-vulnerabilities

15) Input validation error

EUVDB-ID: #VU63081

Risk: Low

CVSSv3.1:

CVE-ID: CVE-2021-0154

CWE-ID: CWE-20 - Improper Input Validation

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to insufficient validation of user-supplied input in the BIOS firmware. A local user can escalate privileges on the system.

Mitigation

Install update from vendor's website.

Vulnerable software versions

Dell PowerEdge BIOS 15G: before 1.6.5

Dell PowerEdge BIOS 14G: before 2.14.2

External links

http://www.dell.com/support/kbdoc/nl-nl/000202798/dsa-2022-246-dell-emc-vxflex-ready-node-custom-node-vxflex-ready-node-security-update-for-dell-poweredge-bios-vulnerabilities

16) Permissions, Privileges, and Access Controls

EUVDB-ID: #VU49714

Risk: Low

CVSSv3.1:

CVE-ID: CVE-2021-21136

CWE-ID: CWE-264 - Permissions, Privileges, and Access Controls

Exploit availability: No

Description

The vulnerability allows a remote attacker to bypass implemented security restrictions.

The vulnerability exists due to insufficient policy enforcement in WebView in Google Chrome. A remote attacker can trick the victim into visiting a specially crafted website, bypass implemented security measures and gain access to sensitive information.

Mitigation

Install update from vendor's website.

Vulnerable software versions

Dell PowerEdge BIOS 15G: before 1.6.5

Dell PowerEdge BIOS 14G: before 2.14.2

External links

http://www.dell.com/support/kbdoc/nl-nl/000202798/dsa-2022-246-dell-emc-vxflex-ready-node-custom-node-vxflex-ready-node-security-update-for-dell-poweredge-bios-vulnerabilities

17) Permissions, Privileges, and Access Controls

EUVDB-ID: #VU49709

Risk: Medium

CVSSv3.1:

CVE-ID: CVE-2021-21131

CWE-ID: CWE-264 - Permissions, Privileges, and Access Controls

Exploit availability: Yes

Description

The vulnerability allows a remote attacker to bypass implemented security restrictions.

The vulnerability exists due to insufficient policy enforcement in the File System API in Google Chrome. A remote attacker can trick the victim into visiting a specially crafted website, bypass implemented security measures and gain access to sensitive information.

Mitigation

Install update from vendor's website.

Vulnerable software versions

Dell PowerEdge BIOS 15G: before 1.6.5

Dell PowerEdge BIOS 14G: before 2.14.2

External links

http://www.dell.com/support/kbdoc/nl-nl/000202798/dsa-2022-246-dell-emc-vxflex-ready-node-custom-node-vxflex-ready-node-security-update-for-dell-poweredge-bios-vulnerabilities

18) Information disclosure

EUVDB-ID: #VU63528

Risk: Low

CVSSv3.1:

CVE-ID: CVE-2022-0005

CWE-ID: CWE-200 - Information Exposure

Exploit availability: No

Description

The vulnerability allows an attacker to gain access to potentially sensitive information.

The vulnerability exists because sensitive information becomes accessible through physical probing of the JTAG interface in the Intel Software Guard Extensions (SGX) Platform. An attacker with physical access to the affected device can gain access to sensitive data.

Mitigation

Install update from vendor's website.

Vulnerable software versions

Dell PowerEdge BIOS 15G: before 1.6.5

Dell PowerEdge BIOS 14G: before 2.14.2

External links

http://www.dell.com/support/kbdoc/nl-nl/000202798/dsa-2022-246-dell-emc-vxflex-ready-node-custom-node-vxflex-ready-node-security-update-for-dell-poweredge-bios-vulnerabilities

19) Security features bypass

EUVDB-ID: #VU63503

Risk: Low

CVSSv3.1:

CVE-ID: CVE-2022-0004

CWE-ID: CWE-254 - Security Features

Exploit availability: No

Description

The vulnerability allows an attacker to bypass implemented security restrictions.

The vulnerability exists because hardware debug modes and the processor INIT setting allow locks to be overridden for some Intel processors in Intel Boot Guard and Intel Trusted Execution Technology. An unauthenticated attacker with physical access to the system can bypass implemented security restrictions and escalate privileges on the system.

The vulnerability can also be exploited remotely by an authenticated attacker on the local network.

Mitigation

Install update from vendor's website.

Vulnerable software versions

Dell PowerEdge BIOS 15G: before 1.6.5

Dell PowerEdge BIOS 14G: before 2.14.2

External links

http://www.dell.com/support/kbdoc/nl-nl/000202798/dsa-2022-246-dell-emc-vxflex-ready-node-custom-node-vxflex-ready-node-security-update-for-dell-poweredge-bios-vulnerabilities

20) Improper access control

EUVDB-ID: #VU63349

Risk: Low

CVSSv3.1:

CVE-ID: CVE-2021-33117

CWE-ID: CWE-284 - Improper Access Control

Exploit availability: No

Description

The vulnerability allows a local user to gain access to sensitive information.

The vulnerability exists due to improper access restrictions. A local user can bypass implemented security restrictions and gain access to sensitive information.

Mitigation

Install update from vendor's website.

Vulnerable software versions

Dell PowerEdge BIOS 15G: before 1.6.5

Dell PowerEdge BIOS 14G: before 2.14.2

External links

http://www.dell.com/support/kbdoc/nl-nl/000202798/dsa-2022-246-dell-emc-vxflex-ready-node-custom-node-vxflex-ready-node-security-update-for-dell-poweredge-bios-vulnerabilities
