CVE-2021-21556: Buffer Overflow
First published: Mon Jun 14 2021(Updated: )
Dell PowerEdge R640, R740, R740XD, R840, R940, R940xa, MX740c, MX840c, and T640 Server BIOS contain a stack-based buffer overflow vulnerability in systems with NVDIMM-N installed. A local malicious user with high privileges may potentially exploit this vulnerability, leading to a denial of Service, arbitrary code execution, or information disclosure in UEFI or BIOS Preboot Environment.
Credit: security_alert@emc.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Dell Poweredge R640 Firmware | <2.11.2 | |
| Dell PowerEdge R640 | ||
| Dell Poweredge R740 Firmware | <2.11.2 | |
| Dell Poweredge R740 | ||
| Dell Poweredge R740xd Firmware | <2.11.2 | |
| Dell Poweredge R740xd | ||
| Dell Poweredge R940 Firmware | <2.11.2 | |
| Dell Poweredge R940 | ||
| Dell Poweredge R840 Firmware | <2.11.2 | |
| Dell Poweredge R840 | ||
| Dell Poweredge R940xa Firmware | <2.11.2 | |
| Dell Poweredge R940xa | ||
| Dell Poweredge T640 Firmware | <2.11.2 | |
| Dell Poweredge T640 | ||
| Dell Poweredge Mx740c Firmware | <2.11.2 | |
| Dell Poweredge Mx740c | ||
| Dell Poweredge Mx840c Firmware | <2.11.2 | |
| Dell Poweredge Mx840c |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the vulnerability ID for this Dell PowerEdge Server BIOS vulnerability?
The vulnerability ID for this Dell PowerEdge Server BIOS vulnerability is CVE-2021-21556.
What is the severity rating of CVE-2021-21556?
The severity rating of CVE-2021-21556 is high.
Which Dell PowerEdge server models are affected by this vulnerability?
The Dell PowerEdge R640, R740, R740XD, R840, R940, R940xa, MX740c, MX840c, and T640 server models are affected by this vulnerability.
What is the impact of exploiting CVE-2021-21556?
Exploiting CVE-2021-21556 can lead to a denial of service (DoS) condition.
Where can I find more information about this vulnerability?
You can find more information about this vulnerability at the following reference link: [Dell Support KB Article](https://www.dell.com/support/kbdoc/000187958)
- collector/nvd-index
- agent/weakness
- agent/type
- agent/author
- agent/severity
- agent/references
- agent/description
- agent/event
- agent/tags
- agent/softwarecombine
- agent/last-modified-date
- agent/first-publish-date
- collector/mitre-cve
- source/MITRE
- vendor/dell
- canonical/dell poweredge r640 firmware
- canonical/dell poweredge r640
- canonical/dell poweredge r740 firmware
- canonical/dell poweredge r740
- canonical/dell poweredge r740xd firmware
- canonical/dell poweredge r740xd
- canonical/dell poweredge r940 firmware
- canonical/dell poweredge r940
- canonical/dell poweredge r840 firmware
- canonical/dell poweredge r840
- canonical/dell poweredge r940xa firmware
- canonical/dell poweredge r940xa
- canonical/dell poweredge t640 firmware
- canonical/dell poweredge t640
- canonical/dell poweredge mx740c firmware
- canonical/dell poweredge mx740c
- canonical/dell poweredge mx840c firmware
- canonical/dell poweredge mx840c