CVE-2021-21571

Dell UEFI BIOS https stack leveraged by the Dell BIOSConnect feature and Dell HTTPS Boot feature contains an improper certificate validation vulnerability. A remote unauthenticated attacker may exploit this vulnerability using a person-in-the-middle attack which may lead to a denial of service and payload tampering.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
5.9 MEDIUM
NETWORK
HIGH
NONE
CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:H
dellCNA
5.9 MEDIUM
NETWORK
HIGH
NONE
CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:H
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 57%
VendorProductVersion
dellalienware_m15_r6_firmware
𝑥
< 1.3.3
dellchengming_3990_firmware
𝑥
< 1.4.1
dellchengming_3991_firmware
𝑥
< 1.4.1
dellg15_5510_firmware
𝑥
< 1.4.0
dellg15_5511_firmware
𝑥
< 1.3.3
dellg3_3500_firmware
𝑥
< 1.9.0
dellg5_5500_firmware
𝑥
< 1.9.0
dellg7_7500_firmware
𝑥
< 1.9.0
dellg7_7700_firmware
𝑥
< 1.9.0
dellinspiron_14_5418_firmware
𝑥
< 2.1.0_a06
dellinspiron_15_5518_firmware
𝑥
< 2.1.0_a06
dellinspiron_15_7510_firmware
𝑥
< 1.0.4
dellinspiron_3501_firmware
𝑥
< 1.6.0
dellinspiron_3880_firmware
𝑥
< 1.4.1
dellinspiron_3881_firmware
𝑥
< 1.4.1
dellinspiron_3891_firmware
𝑥
< 1.0.11
dellinspiron_5300_firmware
𝑥
< 1.7.1
dellinspiron_5301_firmware
𝑥
< 1.8.1
dellinspiron_5310_firmware
𝑥
< 2.1.0
dellinspiron_5400_2-in-1_firmware
𝑥
< 1.7.0
dellinspiron_5400_aio_firmware
𝑥
< 1.4.0
dellinspiron_5401_firmware
𝑥
< 1.7.2
dellinspiron_5401_aio_firmware
𝑥
< 1.4.0
dellinspiron_5402_firmware
𝑥
< 1.5.1
dellinspiron_5406_2n1_firmware
𝑥
< 1.5.1
dellinspiron_5408_firmware
𝑥
< 1.7.2
dellinspiron_5409_firmware
𝑥
< 1.5.1
dellinspiron_5410_2-in-1_firmware
𝑥
< 2.1.0
dellinspiron_5501_firmware
𝑥
< 1.7.2
dellinspiron_5502_firmware
𝑥
< 1.5.1
dellinspiron_5508_firmware
𝑥
< 1.7.2
dellinspiron_5509_firmware
𝑥
< 1.5.1
dellinspiron_7300_firmware
𝑥
< 1.8.1
dellinspiron_7300_2-in-1_firmware
𝑥
< 1.3.0
dellinspiron_7306_2-in-1_firmware
𝑥
< 1.5.1
dellinspiron_7400_firmware
𝑥
< 1.8.1
dellinspiron_7500_firmware
𝑥
< 1.8.0
dellinspiron_7500_2-in-1_firmware
𝑥
< 1.3.0
dellinspiron_7501_firmware
𝑥
< 1.8.0
dellinspiron_7506_firmware
𝑥
< 1.5.1
dellinspiron_7610_firmware
𝑥
< 1.0.4
dellinspiron_7700_aio_firmware
𝑥
< 1.4.0
dellinspiron_7706_2-in-1_firmware
𝑥
< 1.5.1
delllatitude_3120_firmware
𝑥
< 1.1.0
delllatitude_3320_firmware
𝑥
< 1.4.0
delllatitude_3410_firmware
𝑥
< 1.9.0
delllatitude_3420_firmware
𝑥
< 1.8.0
delllatitude_3510_firmware
𝑥
< 1.9.0
delllatitude_3520_firmware
𝑥
< 1.8.0
delllatitude_5310_firmware
𝑥
< 1.7.0
delllatitude_5310_2-in-1_firmware
𝑥
< 1.7.0
delllatitude_5320_firmware
𝑥
< 1.7.1
delllatitude_5320_2-in-1_firmware
𝑥
< 1.7.1
delllatitude_5410_firmware
𝑥
< 1.6.0
delllatitude_5411_firmware
𝑥
< 1.6.0
delllatitude_5420_firmware
𝑥
< 1.8.0
delllatitude_5510_firmware
𝑥
< 1.6.0
delllatitude_5511_firmware
𝑥
< 1.6.0
delllatitude_5520_firmware
𝑥
< 1.7.1
delllatitude_5521_firmware
𝑥
< 1.3.0_a03
delllatitude_7210_2-in-1_firmware
𝑥
< 1.7.0
delllatitude_7310_firmware
𝑥
< 1.7.0
delllatitude_7320_firmware
𝑥
< 1.7.1
delllatitude_7320_detachable_firmware
𝑥
< 1.4.0_a04
delllatitude_7410_firmware
𝑥
< 1.7.0
delllatitude_7420_firmware
𝑥
< 1.7.1
delllatitude_7520_firmware
𝑥
< 1.7.1
delllatitude_9410_firmware
𝑥
< 1.7.0
delllatitude_9420_firmware
𝑥
< 1.4.1
delllatitude_9510_firmware
𝑥
< 1.6.0
delllatitude_9520_firmware
𝑥
< 1.5.2
delllatitude_5421_firmware
𝑥
< 1.3.0_a03
delloptiplex_3080_firmware
𝑥
< 2.1.1
delloptiplex_3090_uff_firmware
𝑥
< 1.2.0
delloptiplex_3280_all-in-one_firmware
𝑥
< 1.7.0
delloptiplex_5080_firmware
𝑥
< 1.4.0
delloptiplex_5090_tower_firmware
𝑥
< 1.1.35
delloptiplex_5490_aio_firmware
𝑥
< 1.3.0
delloptiplex_7080_firmware
𝑥
< 1.4.0
delloptiplex_7090_tower_firmware
𝑥
< 1.1.35
delloptiplex_7090_uff_firmware
𝑥
< 1.2.0
delloptiplex_7480_all-in-one_firmware
𝑥
< 1.7.0
delloptiplex_7490_all-in-one_firmware
𝑥
< 1.3.0
delloptiplex_7780_all-in-one_firmware
𝑥
< 1.7.0
dellprecision_17_m5750_firmware
𝑥
< 1.8.2
dellprecision_3440_firmware
𝑥
< 1.4.0
dellprecision_3450_firmware
𝑥
< 1.1.35
dellprecision_3550_firmware
𝑥
< 1.6.0
dellprecision_3551_firmware
𝑥
< 1.6.0
dellprecision_3560_firmware
𝑥
< 1.7.1
dellprecision_3561_firmware
𝑥
< 1.3.0_a03
dellprecision_3640_firmware
𝑥
< 1.6.2
dellprecision_3650_mt_firmware
𝑥
< 1.2.0
dellprecision_5550_firmware
𝑥
< 1.8.1
dellprecision_5560_firmware
𝑥
< 1.3.2
dellprecision_5760_firmware
𝑥
< 1.1.3
dellprecision_7550_firmware
𝑥
< 1.8.0
dellprecision_7560_firmware
𝑥
< 1.1.2
dellprecision_7750_firmware
𝑥
< 1.8.0
dellprecision_7760_firmware
𝑥
< 1.1.2
dellvostro_14_5410_firmware
𝑥
< 2.1.0_a06
dellvostro_15_5510_firmware
𝑥
< 2.1.0_a06
dellvostro_15_7510_firmware
𝑥
< 1.0.4
dellvostro_3400_firmware
𝑥
< 1.6.0
dellvostro_3500_firmware
𝑥
< 1.6.0
dellvostro_3501_firmware
𝑥
< 1.6.0
dellvostro_3681_firmware
𝑥
< 2.4.0
dellvostro_3690_firmware
𝑥
< 1.0.11
dellvostro_3881_firmware
𝑥
< 2.4.0
dellvostro_3888_firmware
𝑥
< 2.4.0
dellvostro_3890_firmware
𝑥
< 1.0.11
dellvostro_5300_firmware
𝑥
< 1.7.1
dellvostro_5301_firmware
𝑥
< 1.8.1
dellvostro_5310_firmware
𝑥
< 2.1.0
dellvostro_5401_firmware
𝑥
< 1.7.2
dellvostro_5402_firmware
𝑥
< 1.5.1
dellvostro_5501_firmware
𝑥
< 1.7.2
dellvostro_5502_firmware
𝑥
< 1.5.1
dellvostro_5880_firmware
𝑥
< 1.4.0
dellvostro_5890_firmware
𝑥
< 1.0.11
dellvostro_7500_firmware
𝑥
< 1.8.0
dellxps_13_9305_firmware
𝑥
< 1.0.8
dellxps_13_2in1_9310_firmware
𝑥
< 2.3.3
dellxps_13_9310_firmware
𝑥
< 3.0.0
dellxps_15_9500_firmware
𝑥
< 1.8.1
dellxps_15_9510_firmware
𝑥
< 1.3.2
dellxps_17_9700_firmware
𝑥
< 1.8.2
dellxps_17_9710_firmware
𝑥
< 1.1.3
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
https://www.dell.com/support/kbdoc/en-us/000188682
https://www.dell.com/support/kbdoc/en-us/000188682