Improper Authorization

CVE-2021-36276

High

8.8/10

Summary

Dell DBUtilDrv2.sys driver (versions 2.5 and 2.6) contains an insufficient access control vulnerability which may lead to escalation of privileges, denial of service, or information disclosure. Local authenticated user access is required.

Attack Complexity: LOW
Attack Vector: LOCAL
Integrity Impact: HIGH
Scope: CHANGED
User Interaction: NONE
Privileges Required: LOW
Confidentiality Impact: HIGH
Availability Impact: HIGH

CWE-285 - Improper Authorization

The software does not perform or incorrectly performs an authorization check when an actor attempts to access a resource or perform an action.

References

Advisory Timeline

Published Aug 09, 2021

Improper Authorization

CVE-2021-36276

Summary

CWE-285 - Improper Authorization

References

Advisory Timeline

ChainJacking

JetBrains IDE

KICS SaaS