Skip to main content

Alienware M15 R6 Firmware CVE-2021-21572

HIGH
Heap-based Buffer Overflow (CWE-122)
2021-06-24 security_alert@emc.com
Buffer Overflow Heap Overflow Dell RCE Alienware M15 R6 Firmware Chengming 3990 Firmware Chengming 3991 Firmware G15 5510 Firmware G15 5511 Firmware G3 3500 Firmware G5 5500 Firmware G7 7500 Firmware G7 7700 Firmware Inspiron 14 5418 Firmware Inspiron 15 5518 Firmware Inspiron 15 7510 Firmware Inspiron 3501 Firmware Inspiron 3880 Firmware Inspiron 3881 Firmware Inspiron 3891 Firmware Inspiron 5300 Firmware Inspiron 5301 Firmware Inspiron 5310 Firmware Inspiron 5400 2 In 1 Firmware Inspiron 5400 Aio Firmware Inspiron 5401 Firmware Inspiron 5401 Aio Firmware Inspiron 5402 Firmware Inspiron 5406 2N1 Firmware Inspiron 5408 Firmware Inspiron 5409 Firmware Inspiron 5410 2 In 1 Firmware Inspiron 5501 Firmware Inspiron 5502 Firmware Inspiron 5508 Firmware Inspiron 5509 Firmware Inspiron 7300 Firmware Inspiron 7300 2 In 1 Firmware Inspiron 7306 2 In 1 Firmware Inspiron 7400 Firmware Inspiron 7500 Firmware Inspiron 7500 2 In 1 Firmware Inspiron 7501 Firmware Inspiron 7506 Firmware Inspiron 7610 Firmware Inspiron 7700 Aio Firmware Inspiron 7706 2 In 1 Firmware Latitude 3120 Firmware Latitude 3320 Firmware Latitude 3410 Firmware Latitude 3420 Firmware Latitude 3510 Firmware Latitude 3520 Firmware Latitude 5310 Firmware Latitude 5310 2 In 1 Firmware Latitude 5320 Firmware Latitude 5320 2 In 1 Firmware Latitude 5410 Firmware Latitude 5411 Firmware Latitude 5420 Firmware Latitude 5510 Firmware Latitude 5511 Firmware Latitude 5520 Firmware Latitude 5521 Firmware Latitude 7210 2 In 1 Firmware Latitude 7310 Firmware Latitude 7320 Firmware Latitude 7320 Detachable Firmware Latitude 7410 Firmware Latitude 7420 Firmware Latitude 7520 Firmware Latitude 9410 Firmware Latitude 9420 Firmware Latitude 9510 Firmware Latitude 9520 Firmware Latitude 5421 Firmware Optiplex 3080 Firmware Optiplex 3090 Uff Firmware Optiplex 3280 All In One Firmware Optiplex 5080 Firmware Optiplex 5090 Tower Firmware Optiplex 5490 Aio Firmware Optiplex 7080 Firmware Optiplex 7090 Tower Firmware Optiplex 7090 Uff Firmware Optiplex 7480 All In One Firmware Optiplex 7490 All In One Firmware Optiplex 7780 All In One Firmware Precision 17 M5750 Firmware Precision 3440 Firmware Precision 3450 Firmware Precision 3550 Firmware Precision 3551 Firmware Precision 3560 Firmware Precision 3561 Firmware Precision 3640 Firmware Precision 3650 Mt Firmware Precision 5550 Firmware Precision 5560 Firmware Precision 5760 Firmware Precision 7550 Firmware Precision 7560 Firmware Precision 7750 Firmware Precision 7760 Firmware Vostro 14 5410 Firmware Vostro 15 5510 Firmware Vostro 15 7510 Firmware Vostro 3400 Firmware Vostro 3500 Firmware Vostro 3501 Firmware Vostro 3681 Firmware Vostro 3690 Firmware Vostro 3881 Firmware Vostro 3888 Firmware Vostro 3890 Firmware Vostro 5300 Firmware Vostro 5301 Firmware Vostro 5310 Firmware Vostro 5401 Firmware Vostro 5402 Firmware Vostro 5501 Firmware Vostro 5502 Firmware Vostro 5880 Firmware Vostro 5890 Firmware Vostro 7500 Firmware Xps 13 9305 Firmware Xps 13 2In1 9310 Firmware Xps 13 9310 Firmware Xps 15 9500 Firmware Xps 15 9510 Firmware Xps 17 9700 Firmware Xps 17 9710 Firmware
7.5
CVSS 3.1 · NVD
Share

Severity by source

NVD PRIMARY
7.5 HIGH
AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H

Primary rating from NVD · only source for this CVE.

CVSS VectorNVD

CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H
Attack Vector
Local
Attack Complexity
High
Privileges Required
High
User Interaction
None
Scope
Changed
Confidentiality
High
Integrity
High
Availability
High

Lifecycle Timeline

1
CVE Published
Jun 24, 2021 - 17:15 nvd
HIGH 7.5

DescriptionNVD

Dell BIOSConnect feature contains a buffer overflow vulnerability. An authenticated malicious admin user with local access to the system may potentially exploit this vulnerability to run arbitrary code and bypass UEFI restrictions.

AnalysisAI

Dell BIOSConnect feature contains a buffer overflow vulnerability. Rated high severity (CVSS 7.5). No vendor patch available.

Technical ContextAI

This vulnerability is classified under CWE-122. Dell BIOSConnect feature contains a buffer overflow vulnerability. An authenticated malicious admin user with local access to the system may potentially exploit this vulnerability to run arbitrary code and bypass UEFI restrictions. Affected products include: Dell Alienware M15 R6 Firmware, Dell Chengming 3990 Firmware, Dell Chengming 3991 Firmware, Dell G15 5510 Firmware, Dell G15 5511 Firmware.

RemediationAI

No vendor patch is available at time of analysis. Monitor vendor advisories for updates. Apply vendor patches when available. Implement network segmentation and monitoring as interim mitigations.

CVE-2024-52541 HIGH
8.2 Feb 19

Dell Client Platform BIOS contains a Weak Authentication vulnerability. Rated high severity (CVSS 8.2), this vulnerabili

CVE-2022-26861 HIGH
7.8 Sep 06

Dell BIOS versions contain an Insecure Automated Optimization vulnerability. Rated high severity (CVSS 7.8), this vulner

CVE-2022-26860 HIGH
7.8 Sep 06

Dell BIOS versions contain a stack-based buffer overflow vulnerability. Rated high severity (CVSS 7.8), this vulnerabili

CVE-2022-26858 HIGH
7.8 Sep 06

Dell BIOS versions contain an Improper Authentication vulnerability. Rated high severity (CVSS 7.8), this vulnerability

CVE-2021-21574 HIGH
7.5 Jun 24

Dell BIOSConnect feature contains a buffer overflow vulnerability. Rated high severity (CVSS 7.5). No vendor patch avail

CVE-2021-21573 HIGH
7.5 Jun 24

Dell BIOSConnect feature contains a buffer overflow vulnerability. Rated high severity (CVSS 7.5). No vendor patch avail

CVE-2022-26859 HIGH
7.0 Sep 06

Dell BIOS contains a race condition vulnerability. Rated high severity (CVSS 7.0). No vendor patch available.

CVE-2025-29988 MEDIUM
6.9 Apr 09

Dell Client Platform BIOS contains a Stack-based Buffer Overflow Vulnerability. Rated medium severity (CVSS 6.9), this v

CVE-2024-0158 MEDIUM
6.7 Jul 02

Dell BIOS contains an improper input validation vulnerability. Rated medium severity (CVSS 6.7), this vulnerability is l

CVE-2023-28060 MEDIUM
6.7 Jun 23

Dell BIOS contains an improper input validation vulnerability. Rated medium severity (CVSS 6.7), this vulnerability is l

CVE-2023-28058 MEDIUM
6.7 Jun 23

Dell BIOS contains an improper input validation vulnerability. Rated medium severity (CVSS 6.7), this vulnerability is l

CVE-2023-28050 MEDIUM
6.7 Jun 23

Dell BIOS contains an improper input validation vulnerability. Rated medium severity (CVSS 6.7), this vulnerability is l

Share

CVE-2021-21572 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy