Stack-based Buffer Overflow in Dell PowerEdge Servers
CVE-2021-21556

6.1MEDIUM

Key Information:

Vendor: Dell
Status: Poweredge BiOS Intel 15g
Vendor: CVE Published:; 14 June 2021

What is CVE-2021-21556?

The Dell PowerEdge Server series, including models R640, R740, R740XD, R840, R940, R940xa, MX740c, MX840c, and T640, contains a vulnerability in their BIOS firmware stemming from a stack-based buffer overflow related to NVDIMM-N installations. This flaw can be exploited by a local user with high privileges, potentially leading to a denial of service, arbitrary code execution, or unauthorized access to sensitive information within the UEFI or BIOS Preboot Environment. Organizations should take immediate action to mitigate risks associated with this vulnerability.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

PowerEdge BIOS Intel 15G < 2.11.2

References

https://www.dell.com/support/kbdoc/000187958

x_refsource_MISC

CVSS V3.1

Score:

6.1

Severity:

MEDIUM

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

High

User Interaction:

Required

Scope:

Unchanged

Timeline

Vulnerability published
Jun 14, 2021
Vulnerability Reserved
Jan 4, 2021

JSON

Dell

What is CVE-2021-21556?

Human OS v1.0: Ageing Is an Unpatched Zero-Day Vulnerability.

Affected Version(s)

References

CVSS V3.1

Timeline

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.