ID CVE-2021-21554
Summary Dell PowerEdge R640, R740, R740XD, R840, R940, R940xa, MX740c, MX840c, and Dell Precision 7920 Rack Workstation BIOS contain a stack-based buffer overflow vulnerability in systems with Intel Optane DC Persistent Memory installed. A local malicious user with high privileges may potentially exploit this vulnerability, leading to a denial of service, arbitrary code execution, or information disclosure in the UEFI or BIOS Preboot Environment.
References
Vulnerable Configurations
  • cpe:2.3:o:dell:poweredge_r640_firmware:-:*:*:*:*:*:*:*
  • cpe:2.3:h:dell:poweredge_r640:-:*:*:*:*:*:*:*
  • cpe:2.3:o:dell:poweredge_r740_firmware:-:*:*:*:*:*:*:*
  • cpe:2.3:h:dell:poweredge_r740:-:*:*:*:*:*:*:*
  • cpe:2.3:o:dell:poweredge_r740xd_firmware:-:*:*:*:*:*:*:*
  • cpe:2.3:h:dell:poweredge_r740xd:-:*:*:*:*:*:*:*
  • cpe:2.3:o:dell:poweredge_r940_firmware:-:*:*:*:*:*:*:*
  • cpe:2.3:h:dell:poweredge_r940:-:*:*:*:*:*:*:*
  • cpe:2.3:o:dell:poweredge_r840_firmware:-:*:*:*:*:*:*:*
  • cpe:2.3:h:dell:poweredge_r840:-:*:*:*:*:*:*:*
  • cpe:2.3:o:dell:poweredge_r940xa_firmware:-:*:*:*:*:*:*:*
  • cpe:2.3:h:dell:poweredge_r940xa:-:*:*:*:*:*:*:*
  • cpe:2.3:o:dell:poweredge_mx740c_firmware:-:*:*:*:*:*:*:*
  • cpe:2.3:h:dell:poweredge_mx740c:-:*:*:*:*:*:*:*
  • cpe:2.3:o:dell:poweredge_mx840c_firmware:-:*:*:*:*:*:*:*
  • cpe:2.3:h:dell:poweredge_mx840c:-:*:*:*:*:*:*:*
  • cpe:2.3:o:dell:precision_7920_firmware:-:*:*:*:*:*:*:*
  • cpe:2.3:h:dell:precision_7920:-:*:*:*:*:*:*:*
CVSS
Base: 7.2 (as of 25-10-2022 - 23:43)
Impact:
Exploitability:
CWE CWE-787
CAPEC
Access
Vector: LOCAL
Complexity: LOW
Authentication: NONE
Impact
Confidentiality: COMPLETE
Integrity: COMPLETE
Availability: COMPLETE
cvss-vector via4 AV:L/AC:L/Au:N/C:C/I:C/A:C
Last major update 25-10-2022 - 23:43
Published 14-06-2021 - 19:15
Last modified 25-10-2022 - 23:43