Dell Client: Additional Information Regarding the March 2021 (GRUB) Vulnerability Disclosure
Summary: Vulnerabilities in GRUB (Grand Unified Bootloader) may allow Secure Boot bypass.
This article applies to
This article does not apply to
This article is not tied to any specific product.
Not all product versions are identified in this article.
Security Article Type
Security KB
CVE Identifier
CVE-2020-14372 CVE-2020-25632 CVE-2020-25647 CVE-2020-27749 CVE-2020-27779
CVE-2021-20225 CVE-2021-20233
Issue Summary
Affected products:
Dell Client Consumer and Commercial platforms
Details
Reference:
Operating System provider’s advisories can be found on the following Dell Security Notice. Refer to KB article 183699: DSN-2021-002 Dell Response to the March 2, 2021 Grub2 Vulnerability Disclosure
Recommendations
Frequently Asked Questions:
Q: Which models are affected?
A: Dell Client and Commercial platforms that have UEFI Secure Boot enabled are impacted. Dell recommends that customers review their Operating System provider’s advisories for further information, including appropriate identification and additional mitigation measures.
Customer should follow security best practices and prevent unauthorized physical access to devices. Customer can also take the following measures to further protect themselves from physical attacks.
Q: I use a Windows Operating System. Am I impacted?
A: Yes. Windows Operating Systems are impacted. A malicious actor that has physical access to the platform, or OS administrator privileges, could load a vulnerable GRUB UEFI binary and boot time malware.
Q: What do I need to do to address this vulnerability?
A: GRUB Patch - As part of Linux Operating System vendors’ advisories, they are expected to roll out updated GRUB binaries.
Q: Which models are affected?
A: Dell Client and Commercial platforms that have UEFI Secure Boot enabled are impacted. Dell recommends that customers review their Operating System provider’s advisories for further information, including appropriate identification and additional mitigation measures.
Customer should follow security best practices and prevent unauthorized physical access to devices. Customer can also take the following measures to further protect themselves from physical attacks.
- Set BIOS Admin Password to prevent alteration of the BIOS Setup configuration, such as the boot device, and Secure Boot mode.
- Configure boot settings to only allow booting to the internal boot device.
Q: I use a Windows Operating System. Am I impacted?
A: Yes. Windows Operating Systems are impacted. A malicious actor that has physical access to the platform, or OS administrator privileges, could load a vulnerable GRUB UEFI binary and boot time malware.
Q: What do I need to do to address this vulnerability?
A: GRUB Patch - As part of Linux Operating System vendors’ advisories, they are expected to roll out updated GRUB binaries.
Legal Disclaimer
Affected Products
Product Security InformationArticle Properties
Article Number: 000183697
Article Type: Security KB
Last Modified: 18 Sep 2025
Version: 4
Find answers to your questions from other Dell users
Support Services
Check if your device is covered by Support Services.