DSA-2021-176: Dell PowerEdge Server BIOS EDK II Vulnerability

Table of Contents

Detailed Article

Impact

Details

Affected Products & Remediation

Workarounds & Mitigations

Revision History

Related Info

Legal Disclaimer

Affected Products

Provide Feedback

Summary: Dell PowerEdge BIOS remediation is available for an EDK II vulnerability that may be exploited by malicious users to compromise the affected system.

This article applies to This article does not apply to This article is not tied to any specific product. Not all product versions are identified in this article.

Check out other resources

Impact

Medium

Details

Third-party Component	CVE	More information
EDK II	CVE-2019-14553	See NVD (http://nvd.nist.gov/) for individual scores for each CVE.

Third-party Component	CVE	More information
EDK II	CVE-2019-14553	See NVD (http://nvd.nist.gov/) for individual scores for each CVE.

Dell Technologies recommends all customers consider both the CVSS base score and any relevant temporal and environmental scores that may impact the potential severity associated with a particular security vulnerability.

Affected Products & Remediation

Product	Affected Versions	Updated Versions or later	Link to Update
R740	Versions before 2.12.2	2.12.2	R740 Drivers & Downloads
R740XD	Versions before 2.12.2	2.12.2	R740XD Drivers & Downloads
R640	Versions before 2.12.2	2.12.2	R640 Drivers & Downloads
R940	Versions before 2.12.2	2.12.2	R940 Drivers & Downloads
R540	Versions before 2.12.2	2.12.2	R540 Drivers & Downloads
R440	Versions before 2.12.2	2.12.2	R440 Drivers & Downloads
T440	Versions before 2.12.2	2.12.2	T440 Drivers & Downloads
XR2	Versions before 2.12.2	2.12.2	XR2 Drivers & Downloads
R740XD2	Versions before 2.12.2	2.12.2	R740XD2 Drivers & Downloads
R840	Versions before 2.12.2	2.12.2	R840 Drivers & Downloads
R940XA	Versions before 2.12.2	2.12.2	R940XA Drivers & Downloads
T640	Versions before 2.12.2	2.12.2	T640 Drivers & Downloads
C6420	Versions before 2.12.2	2.12.2	C6420 Drivers & Downloads
FC640	Versions before 2.12.2	2.12.2	FC640 Drivers & Downloads
M640	Versions before 2.12.2	2.12.2	M640 Drivers & Downloads
M640P	Versions before 2.12.2	2.12.2	M640P Drivers & Downloads
MX740C	Versions before 2.12.2	2.12.2	MX740C Drivers & Downloads
MX840C	Versions before 2.12.2	2.12.2	MX840C Drivers & Downloads
C4140	Versions before 2.12.2	2.12.2	C4140 Drivers & Downloads
T140	Versions before 2.6.3	2.6.3	T140 Drivers & Downloads
T340	Versions before 2.6.3	2.6.3	T340 Drivers & Downloads
R240	Versions before 2.6.3	2.6.3	R240 Drivers & Downloads
R340	Versions before 2.6.3	2.6.3	R340 Drivers & Downloads
DSS 8440	Versions before 2.12.2	2.12.2	DSS 8440 Drivers & Downloads
XE2420	Versions before 2.12.3	2.12.3	XE2420 Drivers & Downloads
XE7420	Versions before 2.12.3	2.12.3	XE7420 Drivers & Downloads
XE7440	Versions before 2.12.3	2.12.3	XE7440 Drivers & Downloads

The table above may not be a comprehensive list of all affected supported versions and may be updated as more information becomes available.

Product	Affected Versions	Updated Versions or later	Link to Update
R740	Versions before 2.12.2	2.12.2	R740 Drivers & Downloads
R740XD	Versions before 2.12.2	2.12.2	R740XD Drivers & Downloads
R640	Versions before 2.12.2	2.12.2	R640 Drivers & Downloads
R940	Versions before 2.12.2	2.12.2	R940 Drivers & Downloads
R540	Versions before 2.12.2	2.12.2	R540 Drivers & Downloads
R440	Versions before 2.12.2	2.12.2	R440 Drivers & Downloads
T440	Versions before 2.12.2	2.12.2	T440 Drivers & Downloads
XR2	Versions before 2.12.2	2.12.2	XR2 Drivers & Downloads
R740XD2	Versions before 2.12.2	2.12.2	R740XD2 Drivers & Downloads
R840	Versions before 2.12.2	2.12.2	R840 Drivers & Downloads
R940XA	Versions before 2.12.2	2.12.2	R940XA Drivers & Downloads
T640	Versions before 2.12.2	2.12.2	T640 Drivers & Downloads
C6420	Versions before 2.12.2	2.12.2	C6420 Drivers & Downloads
FC640	Versions before 2.12.2	2.12.2	FC640 Drivers & Downloads
M640	Versions before 2.12.2	2.12.2	M640 Drivers & Downloads
M640P	Versions before 2.12.2	2.12.2	M640P Drivers & Downloads
MX740C	Versions before 2.12.2	2.12.2	MX740C Drivers & Downloads
MX840C	Versions before 2.12.2	2.12.2	MX840C Drivers & Downloads
C4140	Versions before 2.12.2	2.12.2	C4140 Drivers & Downloads
T140	Versions before 2.6.3	2.6.3	T140 Drivers & Downloads
T340	Versions before 2.6.3	2.6.3	T340 Drivers & Downloads
R240	Versions before 2.6.3	2.6.3	R240 Drivers & Downloads
R340	Versions before 2.6.3	2.6.3	R340 Drivers & Downloads
DSS 8440	Versions before 2.12.2	2.12.2	DSS 8440 Drivers & Downloads
XE2420	Versions before 2.12.3	2.12.3	XE2420 Drivers & Downloads
XE7420	Versions before 2.12.3	2.12.3	XE7420 Drivers & Downloads
XE7440	Versions before 2.12.3	2.12.3	XE7440 Drivers & Downloads

The table above may not be a comprehensive list of all affected supported versions and may be updated as more information becomes available.

Workarounds & Mitigations

Revision History

Revision	Date	Description
1.0	2021-09-08	Initial Release
2.0	2021-09-13	XE7420 and XE7440 Platform Release Links Added

Related Information

Legal Disclaimer

Affected Products

PowerEdge XR2, Poweredge C4140, PowerEdge C6420, PowerEdge FC640, PowerEdge M640, PowerEdge M640 (for PE VRTX), PowerEdge MX740C, PowerEdge MX840C, PowerEdge R240, PowerEdge R340, PowerEdge R440, PowerEdge R540, PowerEdge R640, PowerEdge R740 , PowerEdge R740XD, PowerEdge R740XD2, PowerEdge R840, PowerEdge R940, PowerEdge R940xa, PowerEdge T140, PowerEdge T340, PowerEdge T440, PowerEdge T640, PowerEdge XE2420, PowerEdge XE7420, PowerEdge XE7440, Product Security Information ...

Article Number: 000191303

Article Type: Dell Security Advisory

Last Modified: 13 Sept 2021

Check if your device is covered by Support Services.

DSA-2021-176: Dell PowerEdge Server BIOS EDK II Vulnerability

Summary: Dell PowerEdge BIOS remediation is available for an EDK II vulnerability that may be exploited by malicious users to compromise the affected system.

Impact

Details

Affected Products & Remediation

Workarounds & Mitigations

Revision History

Related Information

Legal Disclaimer

Affected Products

Article Properties

Find answers to your questions from other Dell users

Support Services

Article Properties

Find answers to your questions from other Dell users

Support Services

Welcome

Welcome to Dell

DSA-2021-176: Dell PowerEdge Server BIOS EDK II Vulnerability

Summary: Dell PowerEdge BIOS remediation is available for an EDK II vulnerability that may be exploited by malicious users to compromise the affected system.

Detailed Article

Impact

Details

Affected Products & Remediation

Workarounds & Mitigations

Revision History

Related Info

Legal Disclaimer

Affected Products

Impact

Details

Affected Products & Remediation

Workarounds & Mitigations

Revision History

Related Information

Legal Disclaimer

Affected Products

Article Properties

Find answers to your questions from other Dell users

Support Services

Article Properties

Find answers to your questions from other Dell users

Support Services