Skip to main content

Improper Authorization

CVE-2021-36276

Severity High
Score 8.8/10

Summary

Dell DBUtilDrv2.sys driver (versions 2.5 and 2.6) contains an insufficient access control vulnerability which may lead to escalation of privileges, denial of service, or information disclosure. Local authenticated user access is required.

  • LOW
  • LOCAL
  • HIGH
  • CHANGED
  • NONE
  • LOW
  • HIGH
  • HIGH

CWE-285 - Improper Authorization

The software does not perform or incorrectly performs an authorization check when an actor attempts to access a resource or perform an action.

References

Advisory Timeline

  • Published