Sign-up

ID

VAR-202104-0685


CVE

CVE-2021-21545


TITLE

Dell Peripheral Manager Code problem vulnerability

Trust: 0.6

sources: CNNVD: CNNVD-202104-657

DESCRIPTION

Dell Peripheral Manager 1.3.1 or greater contains remediation for a local privilege escalation vulnerability that could be potentially exploited to gain arbitrary code execution on the system with privileges of the system user. Dell Peripheral Manager is an application software of Dell (Dell). Provides on-screen instructions on how to pair other devices with your computer via Bluetooth

Trust: 1.08

sources: NVD: CVE-2021-21545 // VULHUB: VHN-379949 // VULMON: CVE-2021-21545

AFFECTED PRODUCTS

vendor:dellmodel:peripheral managerscope:ltversion:1.3.1

Trust: 1.0

sources: NVD: CVE-2021-21545

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2021-21545
value: HIGH

Trust: 1.0

security_alert@emc.com: CVE-2021-21545
value: HIGH

Trust: 1.0

CNNVD: CNNVD-202104-657
value: HIGH

Trust: 0.6

VULHUB: VHN-379949
value: HIGH

Trust: 0.1

VULMON: CVE-2021-21545
value: HIGH

Trust: 0.1

nvd@nist.gov: CVE-2021-21545
severity: HIGH
baseScore: 7.2
vectorString: AV:L/AC:L/AU:N/C:C/I:C/A:C
accessVector: LOCAL
accessComplexity: LOW
authentication: NONE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 3.9
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.1

VULHUB: VHN-379949
severity: HIGH
baseScore: 7.2
vectorString: AV:L/AC:L/AU:N/C:C/I:C/A:C
accessVector: LOCAL
accessComplexity: LOW
authentication: NONE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 3.9
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

nvd@nist.gov: CVE-2021-21545
baseSeverity: HIGH
baseScore: 7.8
vectorString: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
attackVector: LOCAL
attackComplexity: LOW
privilegesRequired: LOW
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: 1.8
impactScore: 5.9
version: 3.1

Trust: 2.0

sources: VULHUB: VHN-379949 // VULMON: CVE-2021-21545 // CNNVD: CNNVD-202104-657 // NVD: CVE-2021-21545 // NVD: CVE-2021-21545

PROBLEMTYPE DATA

problemtype:CWE-427

Trust: 1.1

sources: VULHUB: VHN-379949 // NVD: CVE-2021-21545

THREAT TYPE

local

Trust: 0.6

sources: CNNVD: CNNVD-202104-657

TYPE

code problem

Trust: 0.6

sources: CNNVD: CNNVD-202104-657

PATCH

title:Dell Peripheral Manager Security vulnerabilitiesurl:http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=147231

Trust: 0.6

sources: CNNVD: CNNVD-202104-657

EXTERNAL IDS

db:NVDid:CVE-2021-21545

Trust: 1.8

db:CNNVDid:CNNVD-202104-657

Trust: 0.6

db:VULHUBid:VHN-379949

Trust: 0.1

db:VULMONid:CVE-2021-21545

Trust: 0.1

sources: VULHUB: VHN-379949 // VULMON: CVE-2021-21545 // CNNVD: CNNVD-202104-657 // NVD: CVE-2021-21545

REFERENCES

url:https://www.dell.com/support/kbdoc/en-us/000185100/dsa-2021-079-dell-client-security-update-for-dell-peripheral-manager-local-privilege-escalation-vulnerability

Trust: 1.8

url:https://nvd.nist.gov/vuln/detail/cve-2021-21545

Trust: 0.6

url:https://cwe.mitre.org/data/definitions/427.html

Trust: 0.1

url:https://nvd.nist.gov

Trust: 0.1

sources: VULHUB: VHN-379949 // VULMON: CVE-2021-21545 // CNNVD: CNNVD-202104-657 // NVD: CVE-2021-21545

SOURCES

db:VULHUBid:VHN-379949
db:VULMONid:CVE-2021-21545
db:CNNVDid:CNNVD-202104-657
db:NVDid:CVE-2021-21545

LAST UPDATE DATE

2024-11-23T22:51:01.577000+00:00


SOURCES UPDATE DATE

db:VULHUBid:VHN-379949date:2021-04-26T00:00:00
db:VULMONid:CVE-2021-21545date:2021-04-26T00:00:00
db:CNNVDid:CNNVD-202104-657date:2021-04-27T00:00:00
db:NVDid:CVE-2021-21545date:2024-11-21T05:48:33.880

SOURCES RELEASE DATE

db:VULHUBid:VHN-379949date:2021-04-12T00:00:00
db:VULMONid:CVE-2021-21545date:2021-04-12T00:00:00
db:CNNVDid:CNNVD-202104-657date:2021-04-12T00:00:00
db:NVDid:CVE-2021-21545date:2021-04-12T20:15:11.807