DSA-2021-176: Dell PowerEdge Server BIOS EDK II Vulnerability

Summary: Dell PowerEdge BIOS remediation is available for an EDK II vulnerability that may be exploited by malicious users to compromise the affected system.

This article applies to This article does not apply to This article is not tied to any specific product. Not all product versions are identified in this article.
Check out other resources

Impact

Medium

Details

Third-party Component CVE More information
EDK II CVE-2019-14553 See NVD (http://nvd.nist.gov/) for individual scores for each CVE.
Third-party Component CVE More information
EDK II CVE-2019-14553 See NVD (http://nvd.nist.gov/) for individual scores for each CVE.
Dell Technologies recommends all customers consider both the CVSS base score and any relevant temporal and environmental scores that may impact the potential severity associated with a particular security vulnerability.

Affected Products & Remediation

Product Affected Versions Updated Versions or later Link to Update
R740 Versions before 2.12.2 2.12.2 R740 Drivers & Downloads
R740XD Versions before 2.12.2 2.12.2 R740XD Drivers & Downloads
R640 Versions before 2.12.2 2.12.2 R640 Drivers & Downloads
R940 Versions before 2.12.2 2.12.2 R940 Drivers & Downloads
R540 Versions before 2.12.2 2.12.2 R540 Drivers & Downloads
R440 Versions before 2.12.2 2.12.2 R440 Drivers & Downloads
T440 Versions before 2.12.2 2.12.2 T440 Drivers & Downloads
XR2 Versions before 2.12.2 2.12.2 XR2 Drivers & Downloads
R740XD2 Versions before 2.12.2 2.12.2 R740XD2 Drivers & Downloads
R840 Versions before 2.12.2 2.12.2 R840 Drivers & Downloads
R940XA Versions before 2.12.2 2.12.2 R940XA Drivers & Downloads
T640 Versions before 2.12.2 2.12.2 T640 Drivers & Downloads
C6420 Versions before 2.12.2 2.12.2 C6420 Drivers & Downloads
FC640 Versions before 2.12.2 2.12.2 FC640 Drivers & Downloads
M640 Versions before 2.12.2 2.12.2 M640 Drivers & Downloads
M640P Versions before 2.12.2 2.12.2 M640P Drivers & Downloads
MX740C Versions before 2.12.2 2.12.2 MX740C Drivers & Downloads
MX840C Versions before 2.12.2 2.12.2 MX840C Drivers & Downloads
C4140 Versions before 2.12.2 2.12.2 C4140 Drivers & Downloads
T140 Versions before 2.6.3 2.6.3 T140 Drivers & Downloads
T340 Versions before 2.6.3 2.6.3 T340 Drivers & Downloads
R240 Versions before 2.6.3 2.6.3 R240 Drivers & Downloads
R340 Versions before 2.6.3 2.6.3 R340 Drivers & Downloads
DSS 8440 Versions before 2.12.2 2.12.2 DSS 8440 Drivers & Downloads
XE2420 Versions before 2.12.3 2.12.3 XE2420 Drivers & Downloads
XE7420 Versions before 2.12.3 2.12.3 XE7420 Drivers & Downloads
XE7440 Versions before 2.12.3 2.12.3 XE7440 Drivers & Downloads

The table above may not be a comprehensive list of all affected supported versions and may be updated as more information becomes available.
Product Affected Versions Updated Versions or later Link to Update
R740 Versions before 2.12.2 2.12.2 R740 Drivers & Downloads
R740XD Versions before 2.12.2 2.12.2 R740XD Drivers & Downloads
R640 Versions before 2.12.2 2.12.2 R640 Drivers & Downloads
R940 Versions before 2.12.2 2.12.2 R940 Drivers & Downloads
R540 Versions before 2.12.2 2.12.2 R540 Drivers & Downloads
R440 Versions before 2.12.2 2.12.2 R440 Drivers & Downloads
T440 Versions before 2.12.2 2.12.2 T440 Drivers & Downloads
XR2 Versions before 2.12.2 2.12.2 XR2 Drivers & Downloads
R740XD2 Versions before 2.12.2 2.12.2 R740XD2 Drivers & Downloads
R840 Versions before 2.12.2 2.12.2 R840 Drivers & Downloads
R940XA Versions before 2.12.2 2.12.2 R940XA Drivers & Downloads
T640 Versions before 2.12.2 2.12.2 T640 Drivers & Downloads
C6420 Versions before 2.12.2 2.12.2 C6420 Drivers & Downloads
FC640 Versions before 2.12.2 2.12.2 FC640 Drivers & Downloads
M640 Versions before 2.12.2 2.12.2 M640 Drivers & Downloads
M640P Versions before 2.12.2 2.12.2 M640P Drivers & Downloads
MX740C Versions before 2.12.2 2.12.2 MX740C Drivers & Downloads
MX840C Versions before 2.12.2 2.12.2 MX840C Drivers & Downloads
C4140 Versions before 2.12.2 2.12.2 C4140 Drivers & Downloads
T140 Versions before 2.6.3 2.6.3 T140 Drivers & Downloads
T340 Versions before 2.6.3 2.6.3 T340 Drivers & Downloads
R240 Versions before 2.6.3 2.6.3 R240 Drivers & Downloads
R340 Versions before 2.6.3 2.6.3 R340 Drivers & Downloads
DSS 8440 Versions before 2.12.2 2.12.2 DSS 8440 Drivers & Downloads
XE2420 Versions before 2.12.3 2.12.3 XE2420 Drivers & Downloads
XE7420 Versions before 2.12.3 2.12.3 XE7420 Drivers & Downloads
XE7440 Versions before 2.12.3 2.12.3 XE7440 Drivers & Downloads

The table above may not be a comprehensive list of all affected supported versions and may be updated as more information becomes available.

Workarounds & Mitigations


Revision History

RevisionDateDescription
1.02021-09-08Initial Release
2.02021-09-13XE7420 and XE7440 Platform Release Links Added

Related Information

Dell Security Advisories and Notices
Dell Vulnerability Response Policy
CVSS Scoring Guide

Legal Disclaimer

Affected Products

PowerEdge XR2, Poweredge C4140, PowerEdge C6420, PowerEdge FC640, PowerEdge M640, PowerEdge M640 (for PE VRTX), PowerEdge MX740C, PowerEdge MX840C, PowerEdge R240, PowerEdge R340, PowerEdge R440, PowerEdge R540, PowerEdge R640, PowerEdge R740 , PowerEdge R740XD, PowerEdge R740XD2, PowerEdge R840, PowerEdge R940, PowerEdge R940xa, PowerEdge T140, PowerEdge T340, PowerEdge T440, PowerEdge T640, PowerEdge XE2420, PowerEdge XE7420, PowerEdge XE7440, Product Security Information ...
Article Properties
Article Number: 000191303
Article Type: Dell Security Advisory
Last Modified: 13 Sep 2021
Find answers to your questions from other Dell users
Support Services
Check if your device is covered by Support Services.