Vulnerability Details CVE-2021-21554
Dell PowerEdge R640, R740, R740XD, R840, R940, R940xa, MX740c, MX840c, and Dell Precision 7920 Rack Workstation BIOS contain a stack-based buffer overflow vulnerability in systems with Intel Optane DC Persistent Memory installed. A local malicious user with high privileges may potentially exploit this vulnerability, leading to a denial of service, arbitrary code execution, or information disclosure in the UEFI or BIOS Preboot Environment.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.0
EPSS Ranking 15.3%
CVSS Severity
CVSS v3 Score 6.1
CVSS v2 Score 7.2
Products affected by CVE-2021-21554
- cpe:2.3:h:dell:poweredge_mx740c:-
- cpe:2.3:h:dell:poweredge_mx840c:-
- cpe:2.3:h:dell:poweredge_r640:-
- cpe:2.3:h:dell:poweredge_r740:-
- cpe:2.3:h:dell:poweredge_r740xd:-
- cpe:2.3:h:dell:poweredge_r840:-
- cpe:2.3:h:dell:poweredge_r940:-
- cpe:2.3:h:dell:poweredge_r940xa:-
- cpe:2.3:h:dell:precision_7920:-
- cpe:2.3:o:dell:poweredge_mx740c_firmware:-
- cpe:2.3:o:dell:poweredge_mx840c_firmware:-
- cpe:2.3:o:dell:poweredge_r640_firmware:-
- cpe:2.3:o:dell:poweredge_r740_firmware:-
- cpe:2.3:o:dell:poweredge_r740xd_firmware:-
- cpe:2.3:o:dell:poweredge_r840_firmware:-
- cpe:2.3:o:dell:poweredge_r940_firmware:-
- cpe:2.3:o:dell:poweredge_r940xa_firmware:-
- cpe:2.3:o:dell:precision_7920_firmware:-