Skip to main content

Severity by source

NVD PRIMARY
6.7 MEDIUM
AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

Primary rating from NVD · only source for this CVE.

CVSS VectorNVD

CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Attack Vector
Local
Attack Complexity
Low
Privileges Required
High
User Interaction
None
Scope
Unchanged
Confidentiality
High
Integrity
High
Availability
High

Lifecycle Timeline

1
CVE Published
Jun 14, 2021 - 19:15 nvd
MEDIUM 6.7

DescriptionNVD

Dell PowerEdge Server BIOS and select Dell Precision Rack BIOS contain an out-of-bounds array access vulnerability. A local malicious user with high privileges may potentially exploit this vulnerability, leading to a denial of service, arbitrary code execution, or information disclosure in System Management Mode.

AnalysisAI

Dell PowerEdge Server BIOS and select Dell Precision Rack BIOS contain an out-of-bounds array access vulnerability. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity.

Technical ContextAI

This vulnerability is classified under CWE-20. Dell PowerEdge Server BIOS and select Dell Precision Rack BIOS contain an out-of-bounds array access vulnerability. A local malicious user with high privileges may potentially exploit this vulnerability, leading to a denial of service, arbitrary code execution, or information disclosure in System Management Mode. Affected products include: Dell Poweredge R640 Firmware, Dell Poweredge R740 Firmware, Dell Poweredge R740Xd Firmware, Dell Poweredge R940 Firmware, Dell Poweredge R540 Firmware.

RemediationAI

A vendor patch is available. Apply the latest security update as soon as possible. Apply vendor patches when available. Implement network segmentation and monitoring as interim mitigations.

CVE-2024-0161 HIGH
8.4 Mar 13

Dell PowerEdge Server BIOS and Dell Precision Rack BIOS contain an Improper SMM communication buffer verification vulner

CVE-2024-0172 HIGH
7.8 Apr 03

Dell PowerEdge Server BIOS and Dell Precision Rack BIOS contain an improper privilege management security vulnerability.

CVE-2023-32460 HIGH
7.8 Dec 08

Dell PowerEdge BIOS contains an improper privilege management security vulnerability. Rated high severity (CVSS 7.8), th

CVE-2023-25537 HIGH
7.8 May 22

Dell PowerEdge 14G server BIOS versions prior to 2.18.1 and Dell Precision BIOS versions prior to 2.18.2, contain an Out

CVE-2021-21556 MEDIUM
6.7 Jun 14

Dell PowerEdge R640, R740, R740XD, R840, R940, R940xa, MX740c, MX840c, and T640 Server BIOS contain a stack-based buffer

CVE-2021-21555 MEDIUM
6.7 Jun 14

Dell PowerEdge R640, R740, R740XD, R840, R940, R940xa, MX740c, MX840c, and T640 Server BIOS contain a heap-based buffer

CVE-2021-21554 MEDIUM
6.7 Jun 14

Dell PowerEdge R640, R740, R740XD, R840, R940, R940xa, MX740c, MX840c, and, Dell Precision 7920 Rack Workstation BIOS co

CVE-2024-38304 MEDIUM
6.5 Aug 29

Dell PowerEdge Platform, 14G Intel BIOS version(s) prior to 2.22.x, contains an Access of Memory Location After End of B

CVE-2024-38303 MEDIUM
6.0 Aug 29

Dell PowerEdge Platform, 14G Intel BIOS version(s) prior to 2.22.x, contains an Improper Input Validation vulnerability.

CVE-2025-26482 MEDIUM
4.9 Sep 25

Dell PowerEdge Server BIOS and Dell iDRAC9, all versions, contains an Information Disclosure vulnerability. Rated medium

CVE-2024-0173 LOW
3.3 Mar 13

Dell PowerEdge Server BIOS and Dell Precision Rack BIOS contain an improper parameter initialization vulnerability. Rate

CVE-2024-0154 LOW
3.3 Mar 13

Dell PowerEdge Server BIOS and Dell Precision Rack BIOS contain an improper parameter initialization vulnerability. Rate

Share

CVE-2021-21557 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy