CVE & CISA-KEV Catalog

CVE-2021-21571

MEDIUM
5.9
CVSS v3
NVD

Description

Dell UEFI BIOS https stack leveraged by the Dell BIOSConnect feature and Dell HTTPS Boot feature contains an improper certificate validation vulnerability. A remote unauthenticated attacker may exploit this vulnerability using a person-in-the-middle attack which may lead to a denial of service and payload tampering.

How to fix

Remediation Available
alienware m15 r6 firmwareNVD
Affected:< 1.3.3Fixed in:1.3.3CVE-2021-21571derived from NVD
chengming 3990 firmwareNVD
Affected:< 1.4.1Fixed in:1.4.1CVE-2021-21571derived from NVD
chengming 3991 firmwareNVD
Affected:< 1.4.1Fixed in:1.4.1CVE-2021-21571derived from NVD
g15 5510 firmwareNVD
Affected:< 1.4.0Fixed in:1.4.0CVE-2021-21571derived from NVD
g15 5511 firmwareNVD
Affected:< 1.3.3Fixed in:1.3.3CVE-2021-21571derived from NVD
g3 3500 firmwareNVD
Affected:< 1.9.0Fixed in:1.9.0CVE-2021-21571derived from NVD
g5 5500 firmwareNVD
Affected:< 1.9.0Fixed in:1.9.0CVE-2021-21571derived from NVD
g7 7500 firmwareNVD
Affected:< 1.9.0Fixed in:1.9.0CVE-2021-21571derived from NVD
g7 7700 firmwareNVD
Affected:< 1.9.0Fixed in:1.9.0CVE-2021-21571derived from NVD
inspiron 14 5418 firmwareNVD
Affected:< 2.1.0_a06Fixed in:2.1.0_a06CVE-2021-21571derived from NVD
inspiron 15 5518 firmwareNVD
Affected:< 2.1.0_a06Fixed in:2.1.0_a06CVE-2021-21571derived from NVD
inspiron 15 7510 firmwareNVD
Affected:< 1.0.4Fixed in:1.0.4CVE-2021-21571derived from NVD
inspiron 3501 firmwareNVD
Affected:< 1.6.0Fixed in:1.6.0CVE-2021-21571derived from NVD
inspiron 3880 firmwareNVD
Affected:< 1.4.1Fixed in:1.4.1CVE-2021-21571derived from NVD
inspiron 3881 firmwareNVD
Affected:< 1.4.1Fixed in:1.4.1CVE-2021-21571derived from NVD
inspiron 3891 firmwareNVD
Affected:< 1.0.11Fixed in:1.0.11CVE-2021-21571derived from NVD
inspiron 5300 firmwareNVD
Affected:< 1.7.1Fixed in:1.7.1CVE-2021-21571derived from NVD
inspiron 5301 firmwareNVD
Affected:< 1.8.1Fixed in:1.8.1CVE-2021-21571derived from NVD
inspiron 5310 firmwareNVD
Affected:< 2.1.0Fixed in:2.1.0CVE-2021-21571derived from NVD
inspiron 5400 2-in-1 firmwareNVD
Affected:< 1.7.0Fixed in:1.7.0CVE-2021-21571derived from NVD
inspiron 5400 aio firmwareNVD
Affected:< 1.4.0Fixed in:1.4.0CVE-2021-21571derived from NVD
inspiron 5401 aio firmwareNVD
Affected:< 1.4.0Fixed in:1.4.0CVE-2021-21571derived from NVD
inspiron 5401 firmwareNVD
Affected:< 1.7.2Fixed in:1.7.2CVE-2021-21571derived from NVD
inspiron 5402 firmwareNVD
Affected:< 1.5.1Fixed in:1.5.1CVE-2021-21571derived from NVD
inspiron 5406 2n1 firmwareNVD
Affected:< 1.5.1Fixed in:1.5.1CVE-2021-21571derived from NVD
inspiron 5408 firmwareNVD
Affected:< 1.7.2Fixed in:1.7.2CVE-2021-21571derived from NVD
inspiron 5409 firmwareNVD
Affected:< 1.5.1Fixed in:1.5.1CVE-2021-21571derived from NVD
inspiron 5410 2-in-1 firmwareNVD
Affected:< 2.1.0Fixed in:2.1.0CVE-2021-21571derived from NVD
inspiron 5501 firmwareNVD
Affected:< 1.7.2Fixed in:1.7.2CVE-2021-21571derived from NVD
inspiron 5502 firmwareNVD
Affected:< 1.5.1Fixed in:1.5.1CVE-2021-21571derived from NVD
inspiron 5508 firmwareNVD
Affected:< 1.7.2Fixed in:1.7.2CVE-2021-21571derived from NVD
inspiron 5509 firmwareNVD
Affected:< 1.5.1Fixed in:1.5.1CVE-2021-21571derived from NVD
inspiron 7300 2-in-1 firmwareNVD
Affected:< 1.3.0Fixed in:1.3.0CVE-2021-21571derived from NVD
inspiron 7300 firmwareNVD
Affected:< 1.8.1Fixed in:1.8.1CVE-2021-21571derived from NVD
inspiron 7306 2-in-1 firmwareNVD
Affected:< 1.5.1Fixed in:1.5.1CVE-2021-21571derived from NVD
inspiron 7400 firmwareNVD
Affected:< 1.8.1Fixed in:1.8.1CVE-2021-21571derived from NVD
inspiron 7500 2-in-1 firmwareNVD
Affected:< 1.3.0Fixed in:1.3.0CVE-2021-21571derived from NVD
inspiron 7500 firmwareNVD
Affected:< 1.8.0Fixed in:1.8.0CVE-2021-21571derived from NVD
inspiron 7501 firmwareNVD
Affected:< 1.8.0Fixed in:1.8.0CVE-2021-21571derived from NVD
inspiron 7506 firmwareNVD
Affected:< 1.5.1Fixed in:1.5.1CVE-2021-21571derived from NVD
inspiron 7610 firmwareNVD
Affected:< 1.0.4Fixed in:1.0.4CVE-2021-21571derived from NVD
inspiron 7700 aio firmwareNVD
Affected:< 1.4.0Fixed in:1.4.0CVE-2021-21571derived from NVD
inspiron 7706 2-in-1 firmwareNVD
Affected:< 1.5.1Fixed in:1.5.1CVE-2021-21571derived from NVD
latitude 3120 firmwareNVD
Affected:< 1.1.0Fixed in:1.1.0CVE-2021-21571derived from NVD
latitude 3320 firmwareNVD
Affected:< 1.4.0Fixed in:1.4.0CVE-2021-21571derived from NVD
latitude 3410 firmwareNVD
Affected:< 1.9.0Fixed in:1.9.0CVE-2021-21571derived from NVD
latitude 3420 firmwareNVD
Affected:< 1.8.0Fixed in:1.8.0CVE-2021-21571derived from NVD
latitude 3510 firmwareNVD
Affected:< 1.9.0Fixed in:1.9.0CVE-2021-21571derived from NVD
latitude 3520 firmwareNVD
Affected:< 1.8.0Fixed in:1.8.0CVE-2021-21571derived from NVD
latitude 5310 2-in-1 firmwareNVD
Affected:< 1.7.0Fixed in:1.7.0CVE-2021-21571derived from NVD
latitude 5310 firmwareNVD
Affected:< 1.7.0Fixed in:1.7.0CVE-2021-21571derived from NVD
latitude 5320 2-in-1 firmwareNVD
Affected:< 1.7.1Fixed in:1.7.1CVE-2021-21571derived from NVD
latitude 5320 firmwareNVD
Affected:< 1.7.1Fixed in:1.7.1CVE-2021-21571derived from NVD
latitude 5410 firmwareNVD
Affected:< 1.6.0Fixed in:1.6.0CVE-2021-21571derived from NVD
latitude 5411 firmwareNVD
Affected:< 1.6.0Fixed in:1.6.0CVE-2021-21571derived from NVD
latitude 5420 firmwareNVD
Affected:< 1.8.0Fixed in:1.8.0CVE-2021-21571derived from NVD
latitude 5421 firmwareNVD
Affected:< 1.3.0_a03Fixed in:1.3.0_a03CVE-2021-21571derived from NVD
latitude 5510 firmwareNVD
Affected:< 1.6.0Fixed in:1.6.0CVE-2021-21571derived from NVD
latitude 5511 firmwareNVD
Affected:< 1.6.0Fixed in:1.6.0CVE-2021-21571derived from NVD
latitude 5520 firmwareNVD
Affected:< 1.7.1Fixed in:1.7.1CVE-2021-21571derived from NVD
latitude 5521 firmwareNVD
Affected:< 1.3.0_a03Fixed in:1.3.0_a03CVE-2021-21571derived from NVD
latitude 7210 2-in-1 firmwareNVD
Affected:< 1.7.0Fixed in:1.7.0CVE-2021-21571derived from NVD
latitude 7310 firmwareNVD
Affected:< 1.7.0Fixed in:1.7.0CVE-2021-21571derived from NVD
latitude 7320 detachable firmwareNVD
Affected:< 1.4.0_a04Fixed in:1.4.0_a04CVE-2021-21571derived from NVD
latitude 7320 firmwareNVD
Affected:< 1.7.1Fixed in:1.7.1CVE-2021-21571derived from NVD
latitude 7410 firmwareNVD
Affected:< 1.7.0Fixed in:1.7.0CVE-2021-21571derived from NVD
latitude 7420 firmwareNVD
Affected:< 1.7.1Fixed in:1.7.1CVE-2021-21571derived from NVD
latitude 7520 firmwareNVD
Affected:< 1.7.1Fixed in:1.7.1CVE-2021-21571derived from NVD
latitude 9410 firmwareNVD
Affected:< 1.7.0Fixed in:1.7.0CVE-2021-21571derived from NVD
latitude 9420 firmwareNVD
Affected:< 1.4.1Fixed in:1.4.1CVE-2021-21571derived from NVD
latitude 9510 firmwareNVD
Affected:< 1.6.0Fixed in:1.6.0CVE-2021-21571derived from NVD
latitude 9520 firmwareNVD
Affected:< 1.5.2Fixed in:1.5.2CVE-2021-21571derived from NVD
optiplex 3080 firmwareNVD
Affected:< 2.1.1Fixed in:2.1.1CVE-2021-21571derived from NVD
optiplex 3090 uff firmwareNVD
Affected:< 1.2.0Fixed in:1.2.0CVE-2021-21571derived from NVD
optiplex 3280 all-in-one firmwareNVD
Affected:< 1.7.0Fixed in:1.7.0CVE-2021-21571derived from NVD
optiplex 5080 firmwareNVD
Affected:< 1.4.0Fixed in:1.4.0CVE-2021-21571derived from NVD
optiplex 5090 tower firmwareNVD
Affected:< 1.1.35Fixed in:1.1.35CVE-2021-21571derived from NVD
optiplex 5490 aio firmwareNVD
Affected:< 1.3.0Fixed in:1.3.0CVE-2021-21571derived from NVD
optiplex 7080 firmwareNVD
Affected:< 1.4.0Fixed in:1.4.0CVE-2021-21571derived from NVD
optiplex 7090 tower firmwareNVD
Affected:< 1.1.35Fixed in:1.1.35CVE-2021-21571derived from NVD
optiplex 7090 uff firmwareNVD
Affected:< 1.2.0Fixed in:1.2.0CVE-2021-21571derived from NVD
optiplex 7480 all-in-one firmwareNVD
Affected:< 1.7.0Fixed in:1.7.0CVE-2021-21571derived from NVD
optiplex 7490 all-in-one firmwareNVD
Affected:< 1.3.0Fixed in:1.3.0CVE-2021-21571derived from NVD
optiplex 7780 all-in-one firmwareNVD
Affected:< 1.7.0Fixed in:1.7.0CVE-2021-21571derived from NVD
precision 17 m5750 firmwareNVD
Affected:< 1.8.2Fixed in:1.8.2CVE-2021-21571derived from NVD
precision 3440 firmwareNVD
Affected:< 1.4.0Fixed in:1.4.0CVE-2021-21571derived from NVD
precision 3450 firmwareNVD
Affected:< 1.1.35Fixed in:1.1.35CVE-2021-21571derived from NVD
precision 3550 firmwareNVD
Affected:< 1.6.0Fixed in:1.6.0CVE-2021-21571derived from NVD
precision 3551 firmwareNVD
Affected:< 1.6.0Fixed in:1.6.0CVE-2021-21571derived from NVD
precision 3560 firmwareNVD
Affected:< 1.7.1Fixed in:1.7.1CVE-2021-21571derived from NVD
precision 3561 firmwareNVD
Affected:< 1.3.0_a03Fixed in:1.3.0_a03CVE-2021-21571derived from NVD
precision 3640 firmwareNVD
Affected:< 1.6.2Fixed in:1.6.2CVE-2021-21571derived from NVD
precision 3650 mt firmwareNVD
Affected:< 1.2.0Fixed in:1.2.0CVE-2021-21571derived from NVD
precision 5550 firmwareNVD
Affected:< 1.8.1Fixed in:1.8.1CVE-2021-21571derived from NVD
precision 5560 firmwareNVD
Affected:< 1.3.2Fixed in:1.3.2CVE-2021-21571derived from NVD
precision 5760 firmwareNVD
Affected:< 1.1.3Fixed in:1.1.3CVE-2021-21571derived from NVD
precision 7550 firmwareNVD
Affected:< 1.8.0Fixed in:1.8.0CVE-2021-21571derived from NVD
precision 7560 firmwareNVD
Affected:< 1.1.2Fixed in:1.1.2CVE-2021-21571derived from NVD
precision 7750 firmwareNVD
Affected:< 1.8.0Fixed in:1.8.0CVE-2021-21571derived from NVD
precision 7760 firmwareNVD
Affected:< 1.1.2Fixed in:1.1.2CVE-2021-21571derived from NVD
vostro 14 5410 firmwareNVD
Affected:< 2.1.0_a06Fixed in:2.1.0_a06CVE-2021-21571derived from NVD
vostro 15 5510 firmwareNVD
Affected:< 2.1.0_a06Fixed in:2.1.0_a06CVE-2021-21571derived from NVD
vostro 15 7510 firmwareNVD
Affected:< 1.0.4Fixed in:1.0.4CVE-2021-21571derived from NVD
vostro 3400 firmwareNVD
Affected:< 1.6.0Fixed in:1.6.0CVE-2021-21571derived from NVD
vostro 3500 firmwareNVD
Affected:< 1.6.0Fixed in:1.6.0CVE-2021-21571derived from NVD
vostro 3501 firmwareNVD
Affected:< 1.6.0Fixed in:1.6.0CVE-2021-21571derived from NVD
vostro 3681 firmwareNVD
Affected:< 2.4.0Fixed in:2.4.0CVE-2021-21571derived from NVD
vostro 3690 firmwareNVD
Affected:< 1.0.11Fixed in:1.0.11CVE-2021-21571derived from NVD
vostro 3881 firmwareNVD
Affected:< 2.4.0Fixed in:2.4.0CVE-2021-21571derived from NVD
vostro 3888 firmwareNVD
Affected:< 2.4.0Fixed in:2.4.0CVE-2021-21571derived from NVD
vostro 3890 firmwareNVD
Affected:< 1.0.11Fixed in:1.0.11CVE-2021-21571derived from NVD
vostro 5300 firmwareNVD
Affected:< 1.7.1Fixed in:1.7.1CVE-2021-21571derived from NVD
vostro 5301 firmwareNVD
Affected:< 1.8.1Fixed in:1.8.1CVE-2021-21571derived from NVD
vostro 5310 firmwareNVD
Affected:< 2.1.0Fixed in:2.1.0CVE-2021-21571derived from NVD
vostro 5401 firmwareNVD
Affected:< 1.7.2Fixed in:1.7.2CVE-2021-21571derived from NVD
vostro 5402 firmwareNVD
Affected:< 1.5.1Fixed in:1.5.1CVE-2021-21571derived from NVD
vostro 5501 firmwareNVD
Affected:< 1.7.2Fixed in:1.7.2CVE-2021-21571derived from NVD
vostro 5502 firmwareNVD
Affected:< 1.5.1Fixed in:1.5.1CVE-2021-21571derived from NVD
vostro 5880 firmwareNVD
Affected:< 1.4.0Fixed in:1.4.0CVE-2021-21571derived from NVD
vostro 5890 firmwareNVD
Affected:< 1.0.11Fixed in:1.0.11CVE-2021-21571derived from NVD
vostro 7500 firmwareNVD
Affected:< 1.8.0Fixed in:1.8.0CVE-2021-21571derived from NVD
xps 13 2in1 9310 firmwareNVD
Affected:< 2.3.3Fixed in:2.3.3CVE-2021-21571derived from NVD
xps 13 9305 firmwareNVD
Affected:< 1.0.8Fixed in:1.0.8CVE-2021-21571derived from NVD
xps 13 9310 firmwareNVD
Affected:< 3.0.0Fixed in:3.0.0CVE-2021-21571derived from NVD
xps 15 9500 firmwareNVD
Affected:< 1.8.1Fixed in:1.8.1CVE-2021-21571derived from NVD
xps 15 9510 firmwareNVD
Affected:< 1.3.2Fixed in:1.3.2CVE-2021-21571derived from NVD
xps 17 9700 firmwareNVD
Affected:< 1.8.2Fixed in:1.8.2CVE-2021-21571derived from NVD
xps 17 9710 firmwareNVD
Affected:< 1.1.3Fixed in:1.1.3CVE-2021-21571derived from NVD

Remediation is compiled from vendor and distribution security advisories. Always confirm against the linked source for your exact version and platform.

CVSS v3 Vector

Exploitability

Attack VectorNetwork
Attack ComplexityHigh
Privileges RequiredNone
User InteractionRequired
ScopeUnchanged

Impact

ConfidentialityNone
IntegrityLow
AvailabilityHigh

CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:H

Exploit Intelligence

0.63%probability of exploitation in 30 days
46thpercentile

Moderate risk: more likely to be exploited than 46% of all known CVEs.

References

Vendor Advisory1

Related Vulnerabilities

Other CWE-295 (Improper Certificate Validation) vulnerabilities, ordered by exploit likelihood. View all

CVESeverityCVSSEPSSExploitedFix
CVE-2015-4000Low3.7100%-Fix
CVE-2020-0601High8.189%KEVFix
CVE-2009-3555Critical9.887%-Fix
CVE-2022-26923High8.883%KEVFix
CVE-2023-27823Critical9.853%--
CVE-2022-42979High8.824%--
Embed a live status badge for CVE-2021-21571
CVE-2021-21571 severity badge

Markdown

[![CVE-2021-21571](https://tridentstack.com/cve/badge/CVE-2021-21571.svg)](https://tridentstack.com/cve/CVE-2021-21571)

HTML

<a href="https://tridentstack.com/cve/CVE-2021-21571"><img src="https://tridentstack.com/cve/badge/CVE-2021-21571.svg" alt="CVE-2021-21571"></a>

Find and fix vulnerabilities across your fleet

TridentStack Control continuously scans your Windows, macOS, and Linux fleet for known vulnerabilities, prioritizes them by severity and active exploitation, and patches them automatically.

Start free

This product uses NVD data but is not endorsed or certified by the NVD. EPSS scores courtesy of FIRST.org (https://www.first.org/epss). Source: CISA KEV Catalog. Data as of 2024-11-21.