First published: Mon Jun 14 2021
Dell PowerEdge Server BIOS and select Dell Precision Rack BIOS contain an out-of-bounds array access vulnerability. A local malicious user with high privileges may potentially exploit this vulnerability, leading to a denial of service, arbitrary code execution, or information disclosure in System Management Mode.
Credit: security_alert@emc.com
Affected Software | Affected Version | How to fix |
---|---|---|
Dell PowerEdge R640 Firmware | <2.11.2 | |
Dell PowerEdge R640 Firmware | ||
Dell PowerEdge R740 Firmware | <2.11.2 | |
Dell PowerEdge R740 Firmware | ||
Dell PowerEdge R740xd Firmware | <2.11.2 | |
Dell PowerEdge R740xd2 | ||
Dell PowerEdge R940 Firmware | <2.11.2 | |
Dell PowerEdge R940xa Firmware | ||
Dell PowerEdge R540 Firmware | <2.11.2 | |
Dell PowerEdge R540 Firmware | ||
Dell PowerEdge R440 Firmware | <2.11.2 | |
Dell PowerEdge R440 Firmware | ||
Dell PowerEdge T440 | <2.11.2 | |
Dell PowerEdge T440 Firmware | ||
Dell PowerEdge XR2 Firmware | <2.11.2 | |
Dell PowerEdge XR2 Firmware | ||
Dell PowerEdge R740xd2 Firmware | <2.11.2 | |
Dell PowerEdge R740xd2 Firmware | ||
Dell PowerEdge R840 Firmware | <2.11.2 | |
Dell PowerEdge R840 Firmware | ||
Dell PowerEdge R940xa | <2.11.2 | |
Dell PowerEdge R940xa | ||
Dell PowerEdge T640 Firmware | <2.11.2 | |
Juniper T640 | ||
Dell PowerEdge | <2.11.2 | |
Dell PowerEdge c6420 firmware | ||
Dell PowerEdge FC640 | <2.11.2 | |
Dell PowerEdge FC640 | ||
Dell PowerEdge m640 | <2.11.2 | |
Dell PowerEdge m640 Firmware | ||
Dell PowerEdge m640p Firmware | <2.11.2 | |
Dell PowerEdge m640p Firmware | ||
Dell MX740c Firmware | <2.11.2 | |
Dell MX740c | ||
Dell MX840c Firmware | <2.11.2 | |
Dell PowerEdge mx840c firmware | ||
Dell PowerEdge C4140 Firmware | <2.11.2 | |
Dell PowerEdge C4140 | ||
Dell PowerEdge T140 Firmware | <2.5.1 | |
Dell PowerEdge T140 Firmware | ||
Dell T340 Firmware | <2.5.1 | |
Dell PowerEdge T340 Firmware | ||
Dell PowerEdge R240 Firmware | <2.5.1 | |
Dell PowerEdge R240 Firmware | ||
Dell PowerEdge R340 Firmware | <2.5.1 | |
Dell PowerEdge R340 Firmware | ||
Dell PowerEdge R6415 | <1.16.1 | |
Dell PowerEdge R6415 Firmware | ||
Dell PowerEdge R7415 Firmware | <1.16.1 | |
Dell PowerEdge R7415 Firmware | ||
Dell PowerEdge R7425 | <1.16.1 | |
Dell PowerEdge R7425 | ||
Dell PowerEdge r6515 firmware | <2.2.4 | |
Dell PowerEdge r6515 firmware | ||
Dell PowerEdge R7515 Firmware | <2.2.4 | |
Dell PowerEdge R7515 Firmware | ||
Dell PowerEdge R6525 | <2.2.5 | |
Dell PowerEdge R6525 | ||
Dell PowerEdge R7525 | <2.2.5 | |
Dell PowerEdge R7525 | ||
Dell PowerEdge c6525 | <2.2.4 | |
Dell PowerEdge c6525 | ||
The vulnerability ID is CVE-2021-21557.
The severity of CVE-2021-21557 is high.
Dell PowerEdge Server BIOS and select Dell Precision Rack BIOS versions up to 2.11.2 are affected.
A local malicious user with high privileges may potentially exploit this vulnerability, leading to a denial of service, arbitrary code execution, or information disclosure in System Management Mode (SMM).
To fix CVE-2021-21557, Dell recommends updating to the latest BIOS version for the affected systems. Please refer to Dell's support website for specific instructions.