{"vulnerability": "cve-2021-2155", "sightings": [{"uuid": "ccf28497-dec6-42ee-84bd-7712a1b1e171", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-21551", "type": "published-proof-of-concept", "source": "https://t.me/cKure/5508", "content": "\u25a0\u25a0\u25a0\u25a0\u25a0 Reverse Engineering & Exploiting Dell CVE-2021-21551.\n\nhttps://voidsec.com/reverse-engineering-and-exploiting-dell-cve-2021-21551/", "creation_timestamp": "2021-05-21T13:29:47.000000Z"}, {"uuid": "ac3e68e7-b566-4326-adcb-aa8e828e266d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-21551", "type": "published-proof-of-concept", "source": "https://t.me/BleepingComputer/11146", "content": "Dell driver fix still allows Windows Kernel-level attacks\n\nDell's driver fix of the CVE-2021-21551 vulnerability leaves margin for catastrophic BYOVD attacks resulting in Windows kernel driver code execution. 
[...]\n\nhttps://www.bleepingcomputer.com/news/security/dell-driver-fix-still-allows-windows-kernel-level-attacks/", "creation_timestamp": "2021-12-13T21:33:16.000000Z"}, {"uuid": "0cdbe0b8-601d-4981-99fa-4faf229345df", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-21551", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/2571", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCobalt Strike\n\u63cf\u8ff0\uff1aCobalt Strike (CS) Beacon Object File (BOF) foundation for kernel exploitation using CVE-2021-21551.\nURL\uff1ahttps://github.com/tijme/kernel-mii\n\n\u6807\u7b7e\uff1a#Cobalt Strike", "creation_timestamp": "2022-06-25T11:36:09.000000Z"}, {"uuid": "ec449d4c-6f25-4f0a-bdf9-f300a58019e5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-21551", "type": "seen", "source": "https://t.me/cKure/5161", "content": "\u25a0\u25a0\u25a0\u25a1\u25a1 \u26a0\ufe0f CVE-2021-21551\n\n'Millions' of Dell PCs will grant malware, rogue users admin-level access if asked nicely.\n\nhttps://go.theregister.com/feed/www.theregister.com/2021/05/04/dell_driver_flaw/", "creation_timestamp": "2021-05-05T07:17:11.000000Z"}, {"uuid": "1ed15e58-5efe-4845-bbc1-299a6111784b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-21551", "type": "published-proof-of-concept", "source": "https://t.me/cKure/5304", "content": "\u25a0\u25a0\u25a0\u25a0\u25a0 Exploit Development: CVE-2021-21551 - Dell \u2018dbutil_2_3.sys\u2019 Kernel Exploit Writeup\n\nhttps://connormcgarr.github.io/cve-2020-21551-sploit/", "creation_timestamp": "2021-05-14T13:58:45.000000Z"}, {"uuid": "ef0aa716-9706-4a9d-beee-f28ae0ff2c81", 
"vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-21551", "type": "published-proof-of-concept", "source": "https://t.me/cKure/5357", "content": "\u25a0\u25a0\u25a0\u25a0\u25a1 Exploit to SYSTEM for CVE-2021-21551\n\nhttps://github.com/waldo-irc/CVE-2021-21551", "creation_timestamp": "2021-05-16T16:15:24.000000Z"}, {"uuid": "725911c0-83c3-448a-bae1-3a18e49b0a43", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-21551", "type": "seen", "source": "Telegram/m3ABCDwdGnEsuoP1BH6LqyWhKOHAR0uu6ebxBJKrtiELgf2N", "content": "", "creation_timestamp": "2025-02-18T21:11:31.000000Z"}, {"uuid": "fd0a5152-1274-4b47-9e04-f82698259c51", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-21551", "type": "seen", "source": "https://t.me/ctinow/32853", "content": "Hundreds of millions Of Dell PCs affected by CVE-2021-21551 flaws\n\nhttps://ift.tt/3vHchwq", "creation_timestamp": "2021-05-04T17:42:38.000000Z"}, {"uuid": "e766705e-54db-498c-ab75-bce4796f2062", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-21551", "type": "seen", "source": "https://t.me/arpsyndicate/994", "content": "#ExploitObserverAlert\n\nCVE-2021-21551\n\nDESCRIPTION: Exploit Observer has 56 entries related to CVE-2021-21551. Dell dbutil_2_3.sys driver contains an insufficient access control vulnerability which may lead to escalation of privileges, denial of service, or information disclosure. 
Local authenticated user access is required.\n\nFIRST-EPSS: 0.001540000\nNVD-IS: 5.9\nNVD-ES: 1.8", "creation_timestamp": "2023-12-03T18:03:25.000000Z"}, {"uuid": "39b27318-bb35-4865-9e62-bb2497d915b6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-21551", "type": "published-proof-of-concept", "source": "https://t.me/hacker_trick/186", "content": "Latest Vulnerabilities and Exploits\n\nCVE-2021-3449 OpenSSL denial-of-service exploit\nhttps://github.com/terorie/cve-2021-3449\n\nProxyToken\nhttps://github.com/bhdresh/CVE-2021-33766-ProxyToken\n\nCVES Xstream-1.4.17\nhttps://github.com/zwjjustdoit/Xstream-1.4.17\n\nCVE-2021-36934/HiveNightmare/SeriousSAM\nhttps://github.com/cube0x0/CVE-2021-36934\n\nHow to exploit a vulnerable windows driver Exploit for AsrDrv104 sys\nhttps://github.com/stong/CVE-2020-15368\n\nCVE-2021-32537: an out-of-bounds memory access that leads to pool corruption in the Windows kernel\nhttps://github.com/0vercl0k/CVE-2021-32537\n\nCVE-2021-28476 a guest-to-host \"Hyper-V Remote Code Execution Vulnerability\" in vmswitch sys\nhttps://github.com/0vercl0k/CVE-2021-28476\n\nCVE-2021-40444 - Fully Weaponized Microsoft Office Word RCE Exploit\nhttps://github.com/klezVirus/CVE-2021-40444\n\nExploit Accsess network clients by sending packets in wirless TP-LINK and preparing for a mitm attack\nhttps://github.com/lhashashinl/CVE-2021-37152\n\nProof on Concept Exploit for CVE-2021-38647 (OMIGOD)\nhttps://github.com/horizon3ai/CVE-2021-38647\n\nProof of Concept Exploit for vCenter CVE-2021-21972\nhttps://github.com/horizon3ai/CVE-2021-21972\n\nProof-of-Concept (PoC) script to exploit Pulse Secure CVE-2021-22893\nhttps://github.com/ZephrFish/CVE-2021-22893\n\nCVE-2021-33766 (ProxyToken)\nhttps://github.com/demossl/CVE-2021-33766-ProxyToken\n\nCVE-2021-2456\nhttps://github.com/peterjson31337/CVE-2021-2456\n\nCVE-2021-38647 POC for 
RCE\nhttps://github.com/midoxnet/CVE-2021-38647\n\nCVE-2021-26084 (PoC) | Confluence Server Webwork OGNL injection\nhttps://github.com/alt3kx/CVE-2021-26084_PoC\nhttps://github.com/r0ckysec/CVE-2021-26084_Confluence\nhttps://github.com/march0s1as/CVE-2021-26084\n\n\nCVE-2021-21551 Dell Driver EoP\nhttps://github.com/ihack4falafel/Dell-Driver-EoP-CVE-2021-21551\n\nA basic PoC leak for CVE-2021-28663 (Internal of the Android kernel backdoor vulnerability)\nhttps://github.com/lntrx/CVE-2021-28663\n\nCVE-2021-40353 openSIS 8.0 SQL Injection\nhttps://github.com/5qu1n7/CVE-2021-40353\n\nCVE-2021-28476 Ubuntu 20.04\nhttps://github.com/sh4m2hwz/CVE-2021-28476-tools-env\n\nmy exp for chrome V8 CVE-2021-30551\nhttps://github.com/xmzyshypnc/CVE-2021-30551\n\nPOC of CVE-2021-2394\nhttps://github.com/lz2y/CVE-2021-2394\n\nWordPress Backup Guard Authenticated Remote Code Execution Exploit\nhttps://github.com/0dayNinja/CVE-2021-24155.rb\n\nExploit code for CVE-2021-33909,Just a dump of removed\nhttps://github.com/bbinfosec43/CVE-2021-33909", "creation_timestamp": "2021-09-18T23:06:09.000000Z"}, 
{"uuid": "de969e84-38ce-4a25-aef6-1a018c85aae2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-21551", "type": "exploited", "source": "https://t.me/true_secator/3500", "content": "ESET caught Lazarus abusing a Dell driver bug and using the new FudModule rootkit in a Bring Your Own Vulnerable Driver attack aimed at espionage and data theft.\n\nIn their report, the researchers say it all began with a spear-phishing campaign in the fall of 2021, whose confirmed targets included victims from the aerospace industry in the Netherlands and the political journalism sector in Belgium.\n\nThe campaign's targets in the EU were emailed fake job offers, this time in the name of Amazon, which is their favorite social engineering technique.\n\nESET reports that the most interesting tool in this campaign is the new FudModule rootkit, which uses the BYOVD technique to exploit the CVE-2021-21551 vulnerability in a Dell hardware driver ('dbutil_2_3.sys').\n\nIt is worth noting that this is the first recorded abuse of this vulnerability in the wild. Moreover, in December 2021 Rapid 7 warned that this very driver, because of Dell's poor-quality fixes, allows kernel code execution even in the latest signed versions.\n\nBut it seems Lazarus already knew about this possibility perfectly well long before the analysts voiced their concerns.\n\nThe attackers then used their kernel memory write access to disable seven mechanisms that Windows offers for monitoring activity. After that, the attackers were able to use the driver's vulnerabilities to run commands with kernel-level privileges.\n\nESET also noted that the APT deployed its signature HTTP(S) backdoor BLINDINGCAN, which was attributed by Kaspersky Lab in October 2021.\n\nThe backdoor supports an extensive set of 25 commands covering file operations, command execution, C2 communication configuration, taking screenshots, creating and terminating processes, and stealing system information.\n\nOther tools deployed in this campaign also included various trojanized open-source applications, such as wolfSSL and FingerText.\n\nAll the details of the BYOVD attack are laid out by ESET in a separate 15-page technical document.", "creation_timestamp": "2022-10-03T11:58:23.000000Z"}, 
{"uuid": "38e4bdba-9ae9-47c6-9fa6-d384551a0715", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-21556", "type": "seen", "source": "https://t.me/cibsecurity/25444", "content": "\u203c CVE-2021-21556 \u203c\n\nDell PowerEdge R640, R740, R740XD, R840, R940, R940xa, MX740c, MX840c, and T640 Server BIOS contain a stack-based buffer overflow vulnerability in systems with NVDIMM-N installed. A local malicious user with high privileges may potentially exploit this vulnerability, leading to a denial of Service, arbitrary code execution, or information disclosure in UEFI or BIOS Preboot Environment.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-06-14T22:37:50.000000Z"}, 
{"uuid": "457b976f-6dc0-4532-b83b-399e05d252c3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-21551", "type": "published-proof-of-concept", "source": "https://t.me/canyoupwnme/6737", "content": "Know Your Enemy: Exploiting the Dell BIOS Driver Vulnerability to Defend Against It\nhttps://www.crowdstrike.com/blog/cve-2021-21551-learning-through-exploitation/", "creation_timestamp": "2021-05-27T06:57:03.000000Z"}, 
{"uuid": "b5f041d1-8ffa-4bb4-8ee7-85e9d9ae1d1d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-21551", "type": "exploited", "source": "https://t.me/S_E_Reborn/2851", "content": "ESET caught Lazarus abusing a Dell driver bug and using the new FudModule rootkit in a Bring Your Own Vulnerable Driver attack aimed at espionage and data theft.\n\nIn their report, the researchers say it all began with a spear-phishing campaign in the fall of 2021, whose confirmed targets included victims from the aerospace industry in the Netherlands and the political journalism sector in Belgium.\n\nThe campaign's targets in the EU were emailed fake job offers, this time in the name of Amazon, which is their favorite social engineering technique.\n\nESET reports that the most interesting tool in this campaign is the new FudModule rootkit, which uses the BYOVD technique to exploit the CVE-2021-21551 vulnerability in a Dell hardware driver ('dbutil_2_3.sys').\n\nIt is worth noting that this is the first recorded abuse of this vulnerability in the wild. Moreover, in December 2021 Rapid 7 warned that this very driver, because of Dell's poor-quality fixes, allows kernel code execution even in the latest signed versions.\n\nBut it seems Lazarus already knew about this possibility perfectly well long before the analysts voiced their concerns.\n\nThe attackers then used their kernel memory write access to disable seven mechanisms that Windows offers for monitoring activity. After that, the attackers were able to use the driver's vulnerabilities to run commands with kernel-level privileges.\n\nESET also noted that the APT deployed its signature HTTP(S) backdoor BLINDINGCAN, which was attributed by Kaspersky Lab in October 2021.\n\nThe backdoor supports an extensive set of 25 commands covering file operations, command execution, C2 communication configuration, taking screenshots, creating and terminating processes, and stealing system information.\n\nOther tools deployed in this campaign also included various trojanized open-source applications, such as wolfSSL and FingerText.\n\nAll the details of the BYOVD attack are laid out by ESET in a separate 15-page technical document.", "creation_timestamp": "2022-10-03T13:52:19.000000Z"}, 
{"uuid": "3439f742-168b-46d6-a054-ce92efc01c22", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-21551", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/3293", "content": "#exploit\nCVE-2021-21551:\nDell BIOS Driver Privilege Escalation Vulnerability\nhttps://labs.sentinelone.com/cve-2021-21551-hundreds-of-millions-of-dell-computers-at-risk-due-to-multiple-bios-driver-privilege-escalation-flaws\n]-> https://github.com/rapid7/metasploit-framework/pull/15190", "creation_timestamp": "2023-02-02T07:59:31.000000Z"}, 
{"uuid": "9c030823-8981-42f7-82d2-6ed3f599ec44", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-21551", "type": "seen", "source": "https://t.me/CyberSecurityTechnologies/3506", "content": "#Analytics\nTop 10 Most Used Vulns of the Month (may 1-31)\nCVE-2021-31166 - HTTP Stack RCE\nhttps://t.me/cybersecuritytechnologies/3388\nCVE-2021-21551 -Dell BIOS Driver PE\nhttps://t.me/cybersecuritytechnologies/3293\nCVE-2021-30747 
-Covert channel in Apple M1\nhttps://t.me/cybersecuritytechnologies/3472\nCVE-2021-22204 -DjVu vuln\nhttps://github.com/exiftool/exiftool/commit/cf0f4e7dcd024ca99615bfd1102a841a25dde031#diff-fa0d652d10dbcd246e6b1df16c1e992931d3bb717a7e36157596b76bdadb3800\nCVE-2021-28482 -MS Exchange RCE\nhttps://t.me/cybersecuritytechnologies/3286\nCVE-2021-21974 -VMware\u00a0ESXi heap-overflow\nhttps://t.me/cybersecuritytechnologies/3460\nCVE-2021-29447 -WordPress XXE\nhttps://t.me/cybersecuritytechnologies/3142\nCVE-2021-21985 - vSphere Client RCE\nhttps://t.me/cybersecuritytechnologies/3493\nCVE-2021-32471 -ACE in TuringMachine\nhttps://t.me/cybersecuritytechnologies/3364\nCVE-2021-3490 -Linux Kernel eBPF\nhttps://git.kernel.org/pub/scm/linux/kernel/git/bpf/bpf.git/commit/?id=049c4e13714ecbca567b4d5f6d563f05d431c80e", "creation_timestamp": "2024-09-28T16:48:46.000000Z"}, 
{"uuid": "ef131d7a-9816-4fac-a708-05e2847f0e7a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-21551", "type": "seen", "source": "MISP/313eb1b6-1b2c-43d9-8bc0-be422cfc8b45", "content": "", "creation_timestamp": "2023-03-22T16:33:47.000000Z"}, 
{"uuid": "f701508c-eafa-44d9-911e-e506d3c2665c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-21551", "type": "seen", "source": "https://feedsin.space/feed/CISAKevBot/items/2971489", "content": "", "creation_timestamp": "2024-12-24T20:30:04.032074Z"}, 
{"uuid": "304591a5-dd32-4b8d-8fd8-8aef47b19545", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-21551", "type": "seen", "source": "MISP/3c19819c-1dac-4ef2-bfed-be5efa7e0123", "content": "", "creation_timestamp": "2025-02-23T02:10:28.000000Z"}, 
{"uuid": "396dbc11-90cc-4b7f-be04-38d73415594a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-21551", "type": "seen", "source": "https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/windows/local/cve_2021_21551_dbutil_memmove.rb", "content": "", "creation_timestamp": "2021-05-14T19:03:33.000000Z"}, 
{"uuid": "9361eebc-db60-4bd7-a305-bfb1411dc276", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-21551", "type": "seen", "source": "https://gist.github.com/avinwebog/205d22f4fe6c9a728f5a06aa7ab17814", "content": "", "creation_timestamp": "2025-07-30T16:41:42.000000Z"}, 
{"uuid": "4eb129dd-01c3-405a-9e6b-82806db3a349", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-21551", "type": "seen", "source": "MISP/ab0b745f-bbd5-338e-8b92-97dd0c757e9d", "content": "", "creation_timestamp": "2025-08-31T03:00:47.000000Z"}, 
{"uuid": "4d8e4edb-f745-4343-bd52-8eefc793ee04", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-21551", "type": "exploited", "source": "https://vulnerability.circl.lu/known-exploited-vulnerabilities-catalog/c2e458d5-7e8e-4754-8717-14c549e54bac", "content": "", "creation_timestamp": "2026-02-02T12:27:54.667291Z"}, 
{"uuid": "6b06a828-d196-4eb5-aa1c-b26a97472712", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-21551", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/498", "content": "GitHub monitoring alert!!!\n\nUpdated: CVE-2021\nDescription: Dell Driver EoP (CVE-2021-21551)\nURL: https://github.com/ihack4falafel/Dell-Driver-EoP-CVE-2021-21551", "creation_timestamp": "2021-09-03T01:50:36.000000Z"}, 
{"uuid": "b776a668-8108-4ca7-ab51-e15085c6b33d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-21551", "type": "published-proof-of-concept", "source": "https://t.me/alexmakus/4056", "content": "If you have a Dell computer, important security updates have been released for the drivers on these computers. The bugs date back to 2009, with exploitation of the vulnerabilities up to kernel level, so it is better to update \n\nhttps://labs.sentinelone.com/cve-2021-21551-hundreds-of-millions-of-dell-computers-at-risk-due-to-multiple-bios-driver-privilege-escalation-flaws/", "creation_timestamp": "2021-05-05T04:17:06.000000Z"}, 
{"uuid": "0cf8ea39-71b8-465e-91da-1effb0fa0b73", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-21551", "type": "published-proof-of-concept", "source": "https://t.me/WARLOCK_DARK_ARMY_OFFICIALS/1289", "content": "Dell Driver EoP (CVE-2021-21551)\n\nDell dbutil_2_3.sys driver contains an insufficient access control vulnerability which 
may lead to escalation of privileges, denial of service, or information disclosure. Local authenticated user access is required.\n\nThis exploit was tested on Windows 10 v1511.\n\nhttps://github.com/nanabingies/CVE-2021-21551\n\n#cve", "creation_timestamp": "2023-01-30T22:53:50.000000Z"}, {"uuid": "702cd10d-1f49-4455-ae6a-a8c5834dc41a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-21551", "type": "published-proof-of-concept", "source": "https://t.me/reverse_dungeon/2951", "content": "https://voidsec.com/reverse-engineering-and-exploiting-dell-cve-2021-21551", "creation_timestamp": "2023-03-23T07:59:35.000000Z"}, {"uuid": "9ae19a0c-f52a-4bb2-8c9c-003345b68193", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-21551", "type": "seen", "source": "https://t.me/pwnwiki_zhchannel/472", "content": "CVE-2021-21551 DELL dbutil_2_3.sys 2.3 \u4efb\u610f\u5beb\u5165&amp;\u672c\u5730\u7279\u6b0a\u63d0\u5347\u6f0f\u6d1e\uff08LPE\uff09\nhttps://www.pwnwiki.org/index.php?title=CVE-2021-21551_DELL_dbutil_2_3.sys_2.3_%E4%BB%BB%E6%84%8F%E5%AF%AB%E5%85%A5%26%E6%9C%AC%E5%9C%B0%E7%89%B9%E6%AC%8A%E6%8F%90%E5%8D%87%E6%BC%8F%E6%B4%9E%EF%BC%88LPE%EF%BC%89", "creation_timestamp": "2021-05-21T09:11:11.000000Z"}, {"uuid": "5b306b13-6a07-4478-bb1e-1121d995b163", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-21551", "type": "published-proof-of-concept", "source": "https://t.me/BlueRedTeam/2188", "content": "#Cobalt_Strike\n\nCobalt Strike (CS) Beacon Object File (BOF) foundation for kernel exploitation using CVE-2021-21551.\n\nhttps://github.com/tijme/kernel-mii\n\n@BlueRedTeam", "creation_timestamp": "2022-06-25T23:16:46.000000Z"}, {"uuid": "f7861039-ceae-40e8-9aee-b604c6f612e0", 
"vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-21551", "type": "published-proof-of-concept", "source": "https://t.me/BlueRedTeam/2237", "content": "#Cobalt_Strike \n\n\u200b\u200bkernel-mii\n\nCobalt Strike Beacon Object File foundation for kernel exploitation using CVE-2021-21551.\n\nThis is a Cobalt Strike (CS) Beacon Object File (BOF) which exploits CVE-2021-21551. It only overwrites the beacon process token with the system process token. But this BOF is mostly just a good foundation for further kernel exploitation via CS.\n\nhttps://github.com/tijme/kernel-mii\n\n@BlueRedTeam", "creation_timestamp": "2022-07-16T22:12:04.000000Z"}, {"uuid": "f803400e-4357-4360-9598-86686cd5e56d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-21551", "type": "published-proof-of-concept", "source": "https://t.me/cyber0iq/18", "content": "Latest Vulnerabilities and Exploits\n\nCVE-2021-3449 OpenSSL denial-of-service exploit\nhttps://github.com/terorie/cve-2021-3449\n\nProxyToken\nhttps://github.com/bhdresh/CVE-2021-33766-ProxyToken\n\nCVES Xstream-1.4.17\nhttps://github.com/zwjjustdoit/Xstream-1.4.17\n\nCVE-2021-36934/HiveNightmare/SeriousSAM\nhttps://github.com/cube0x0/CVE-2021-36934\n\nHow to exploit a vulnerable windows driver Exploit for AsrDrv104 sys\nhttps://github.com/stong/CVE-2020-15368\n\nCVE-2021-32537: an out-of-bounds memory access that leads to pool corruption in the Windows kernel\nhttps://github.com/0vercl0k/CVE-2021-32537\n\nCVE-2021-28476 a guest-to-host \"Hyper-V Remote Code Execution Vulnerability\" in vmswitch sys\nhttps://github.com/0vercl0k/CVE-2021-28476\n\nCVE-2021-40444 - Fully Weaponized Microsoft Office Word RCE Exploit\nhttps://github.com/klezVirus/CVE-2021-40444\n\nExploit Accsess network clients by sending packets in wirless TP-LINK and preparing for a 
mitm attack\nhttps://github.com/lhashashinl/CVE-2021-37152\n\nProof on Concept Exploit for CVE-2021-38647 (OMIGOD)\nhttps://github.com/horizon3ai/CVE-2021-38647\n\nProof of Concept Exploit for vCenter CVE-2021-21972\nhttps://github.com/horizon3ai/CVE-2021-21972\n\nProof-of-Concept (PoC) script to exploit Pulse Secure CVE-2021-22893\nhttps://github.com/ZephrFish/CVE-2021-22893\n\nCVE-2021-33766 (ProxyToken)\nhttps://github.com/demossl/CVE-2021-33766-ProxyToken\n\nCVE-2021-2456\nhttps://github.com/peterjson31337/CVE-2021-2456\n\nCVE-2021-38647 POC for RCE\nhttps://github.com/midoxnet/CVE-2021-38647\n\nCVE-2021-26084 (PoC) | Confluence Server Webwork OGNL injection\nhttps://github.com/alt3kx/CVE-2021-26084_PoC\nhttps://github.com/r0ckysec/CVE-2021-26084_Confluence\nhttps://github.com/march0s1as/CVE-2021-26084\n\n\nCVE-2021-21551 Dell Driver EoP\nhttps://github.com/ihack4falafel/Dell-Driver-EoP-CVE-2021-21551\n\nA basic PoC leak for CVE-2021-28663 (Internal of the Android kernel backdoor vulnerability)\nhttps://github.com/lntrx/CVE-2021-28663\n\nCVE-2021-40353 openSIS 8.0 SQL Injection\nhttps://github.com/5qu1n7/CVE-2021-40353\n\nCVE-2021-28476 Ubuntu 20.04\nhttps://github.com/sh4m2hwz/CVE-2021-28476-tools-env\n\nmy exp for chrome V8 CVE-2021-30551\nhttps://github.com/xmzyshypnc/CVE-2021-30551\n\nPOC of CVE-2021-2394\nhttps://github.com/lz2y/CVE-2021-2394\n\nWordPress Backup Guard Authenticated Remote Code Execution Exploit\nhttps://github.com/0dayNinja/CVE-2021-24155.rb\n\nExploit code for CVE-2021-33909,Just a dump of removed\nhttps://github.com/bbinfosec43/CVE-2021-33909", "creation_timestamp": "2021-09-25T02:14:31.000000Z"}, {"uuid": "30ddf611-3d67-430d-8b4a-bc181bd86b40", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-21551", "type": "published-proof-of-concept", "source": "https://t.me/cyber0iq/19", "content": "Latest Vulnerabilities and Exploits\n\nCVE-2021-3449 
OpenSSL denial-of-service exploit\nhttps://github.com/terorie/cve-2021-3449\n\nProxyToken\nhttps://github.com/bhdresh/CVE-2021-33766-ProxyToken\n\nCVES Xstream-1.4.17\nhttps://github.com/zwjjustdoit/Xstream-1.4.17\n\nCVE-2021-36934/HiveNightmare/SeriousSAM\nhttps://github.com/cube0x0/CVE-2021-36934\n\nHow to exploit a vulnerable windows driver Exploit for AsrDrv104 sys\nhttps://github.com/stong/CVE-2020-15368\n\nCVE-2021-32537: an out-of-bounds memory access that leads to pool corruption in the Windows kernel\nhttps://github.com/0vercl0k/CVE-2021-32537\n\nCVE-2021-28476 a guest-to-host \"Hyper-V Remote Code Execution Vulnerability\" in vmswitch sys\nhttps://github.com/0vercl0k/CVE-2021-28476\n\nCVE-2021-40444 - Fully Weaponized Microsoft Office Word RCE Exploit\nhttps://github.com/klezVirus/CVE-2021-40444\n\nExploit Accsess network clients by sending packets in wirless TP-LINK and preparing for a mitm attack\nhttps://github.com/lhashashinl/CVE-2021-37152\n\nProof on Concept Exploit for CVE-2021-38647 (OMIGOD)\nhttps://github.com/horizon3ai/CVE-2021-38647\n\nProof of Concept Exploit for vCenter CVE-2021-21972\nhttps://github.com/horizon3ai/CVE-2021-21972\n\nProof-of-Concept (PoC) script to exploit Pulse Secure CVE-2021-22893\nhttps://github.com/ZephrFish/CVE-2021-22893\n\nCVE-2021-33766 (ProxyToken)\nhttps://github.com/demossl/CVE-2021-33766-ProxyToken\n\nCVE-2021-2456\nhttps://github.com/peterjson31337/CVE-2021-2456\n\nCVE-2021-38647 POC for RCE\nhttps://github.com/midoxnet/CVE-2021-38647\n\nCVE-2021-26084 (PoC) | Confluence Server Webwork OGNL injection\nhttps://github.com/alt3kx/CVE-2021-26084_PoC\nhttps://github.com/r0ckysec/CVE-2021-26084_Confluence\nhttps://github.com/march0s1as/CVE-2021-26084\n\n\nCVE-2021-21551 Dell Driver EoP\nhttps://github.com/ihack4falafel/Dell-Driver-EoP-CVE-2021-21551\n\nA basic PoC leak for CVE-2021-28663 (Internal of the Android kernel backdoor vulnerability)\nhttps://github.com/lntrx/CVE-2021-28663\n\nCVE-2021-40353 openSIS 8.0 SQL 
Injection\nhttps://github.com/5qu1n7/CVE-2021-40353\n\nCVE-2021-28476 Ubuntu 20.04\nhttps://github.com/sh4m2hwz/CVE-2021-28476-tools-env\n\nmy exp for chrome V8 CVE-2021-30551\nhttps://github.com/xmzyshypnc/CVE-2021-30551\n\nPOC of CVE-2021-2394\nhttps://github.com/lz2y/CVE-2021-2394\n\nWordPress Backup Guard Authenticated Remote Code Execution Exploit\nhttps://github.com/0dayNinja/CVE-2021-24155.rb\n\nExploit code for CVE-2021-33909,Just a dump of removed\nhttps://github.com/bbinfosec43/CVE-2021-33909", "creation_timestamp": "2021-09-25T02:15:23.000000Z"}, {"uuid": "91583800-c1c0-47a1-8262-a68ea76b5ed2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-21551", "type": "seen", "source": "MISP/a1e796df-2ad8-4c8d-8b69-737a004e72dd", "content": "", "creation_timestamp": "2025-02-06T03:13:44.000000Z"}, {"uuid": "99e901c2-cc79-4ab5-b67e-30d8858449a7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-21551", "type": "seen", "source": "MISP/a1e796df-2ad8-4c8d-8b69-737a004e72dd", "content": "", "creation_timestamp": "2025-02-23T04:10:33.000000Z"}, {"uuid": "808130c2-120f-4cf7-9193-7da6d4c01dfb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-21551", "type": "seen", "source": "MISP/313eb1b6-1b2c-43d9-8bc0-be422cfc8b45", "content": "", "creation_timestamp": "2025-04-16T03:57:21.000000Z"}, {"uuid": "54e6bd3c-b901-40c3-b1a7-8b6a9ab0df00", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-21551", "type": "seen", "source": "https://gist.github.com/pauldmurphy/12a5b700186d9a0a24fcbcd7b6c006cc", "content": "", "creation_timestamp": "2025-08-18T08:51:55.000000Z"}, {"uuid": 
"89a926b2-0656-41b6-af81-3f60be7f2234", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "4f29edb9-4c4b-44ca-b041-9b050656b6ae", "vulnerability": "CVE-2021-21551", "type": "seen", "source": "https://www.kyberturvallisuuskeskus.fi/fi/haavoittuvuus_13/2021", "content": "", "creation_timestamp": "2021-05-05T07:54:59.000000Z"}, {"uuid": "a7e87ee6-b053-4e37-9d71-e16a750a9d49", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-21551", "type": "exploited", "source": "https://vulnerability.circl.lu/known-exploited-vulnerabilities-catalog/c2e458d5-7e8e-4754-8717-14c549e54bac", "content": "", "creation_timestamp": "2026-02-02T12:27:54.667291Z"}, {"uuid": "f5490da6-a01c-4520-8171-b6145d34374b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-21551", "type": "published-proof-of-concept", "source": "Telegram/b6ev6sdyVsJBTvn7rwFs9vDb4EqBsLblKg3JZ5-uDbtXYBI", "content": "", "creation_timestamp": "2025-12-03T03:00:07.000000Z"}, {"uuid": "0dc31e3a-5e25-49c5-af56-1fbe813a37ad", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-21551", "type": "published-proof-of-concept", "source": "Telegram/irwLXMAiB6w66W75b78EbfxXn21oKT6o38Tz3Ak2e3-y138", "content": "", "creation_timestamp": "2025-01-12T16:00:09.000000Z"}, {"uuid": "bd76ef94-a73f-4c9f-94fa-f09c9494b604", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-21551", "type": "published-proof-of-concept", "source": "Telegram/avz76qSaEcDS_qE8nY0rykvdGe_lRYvCZjEXn6ZTl0w69hQ", "content": "", "creation_timestamp": "2024-07-06T15:53:23.000000Z"}, {"uuid": "0128cc7b-dc80-4f5d-bbb8-c6e8227dae33", "vulnerability_lookup_origin": 
"1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-21551", "type": "published-proof-of-concept", "source": "Telegram/6Sh9mXzmjwiCqYDRD-Q41Yldre37LHa2LS4oXpBfWb-WGg", "content": "", "creation_timestamp": "2021-05-04T17:46:59.000000Z"}, {"uuid": "51920c46-97cf-4c8f-bbe3-b5fd7183fc83", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-21553", "type": "seen", "source": "https://t.me/cibsecurity/26727", "content": "\u203c CVE-2021-21553 \u203c\n\nDell PowerScale OneFS versions 8.1.0-9.1.0 contain an Incorrect User Management vulnerability.under some specific conditions, this can allow the CompAdmin user to elevate privileges and break out of Compliance mode. This is a critical vulnerability and Dell recommends upgrading at the earliest.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-08-03T07:27:45.000000Z"}, {"uuid": "d8583f34-2a11-4184-a5ba-c7c1464b6ae7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-21551", "type": "published-proof-of-concept", "source": "https://t.me/BlueRedTeam/2242", "content": "#Cobalt_Strike \n\nkernel-mii\n\nCobalt Strike Beacon Object File foundation for kernel exploitation using CVE-2021-21551.\n\nThis is a Cobalt Strike (CS) Beacon Object File (BOF) which exploits CVE-2021-21551. It only overwrites the beacon process token with the system process token. 
But this BOF is mostly just a good foundation for further kernel exploitation via CS.\n\nhttps://github.com/NorthwaveSecurity/kernel-mii\n\n\n@BlueRedTeam", "creation_timestamp": "2022-07-19T21:02:29.000000Z"}, {"uuid": "b0db3a78-4c7f-4742-a36c-b7de208b66f2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-21551", "type": "published-proof-of-concept", "source": "https://t.me/CNArsenal/419", "content": "https://github.com/nanabingies/CVE-2021-21551\n#github", "creation_timestamp": "2023-06-13T08:50:13.000000Z"}, {"uuid": "3ad8118d-1414-4b18-8cd9-7bddc78e3291", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-21551", "type": "seen", "source": "MISP/3c19819c-1dac-4ef2-bfed-be5efa7e0123", "content": "", "creation_timestamp": "2023-06-14T21:10:04.000000Z"}, {"uuid": "4418dc1a-eb03-4783-a783-39196733b4f6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-21551", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113804988032761170", "content": "", "creation_timestamp": "2025-01-10T16:25:07.061911Z"}, {"uuid": "62a73572-4aa6-4357-9086-e436dd62c1f6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-21551", "type": "seen", "source": "https://bsky.app/profile/undercode.bsky.social/post/3lwuszxpe4d2n", "content": "", "creation_timestamp": "2025-08-21T01:45:53.107705Z"}, {"uuid": "8af86c40-b766-483d-9ec6-588beffa73a1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "4f29edb9-4c4b-44ca-b041-9b050656b6ae", "vulnerability": "CVE-2021-21551", "type": "seen", "source": "https://www.kyberturvallisuuskeskus.fi/fi/haavoittuvuus_13/2021", 
"content": "", "creation_timestamp": "2026-03-17T15:00:20.219956Z"}]}