Systems Management General

Last reply by 09-20-2022 Unsolved
Start a Discussion
2 Bronze
2 Bronze
121

MECM - Dell Third Party Software Update Catalog Re-introduces CVE-2021-21551

Bit of a heads up really, 

We just re-enabled Dells TPU in MECM after about a year hiatus, it's brought in "Dell OpenManage Inventory Agent(for Dell Business Client Systems), 2.3.0.0" (from 22/01/2021) and this installs DBUtil_2_3.sys (C:\WINDOWS\TEMP\DBUtil_2_3.Sys) which is a security vulnerability as per https://www.dell.com/support/kbdoc/en-au/000186019/dsa-2021-088-dell-client-platform-security-update...

If anyone has this version of the inventory agent, you might want to mitigate the security vulnerability from a year ago. I've submitted a job to Dell requesting they replace & supersede this version of the agent in the catalogue.

 

Replies (0)
Latest Solutions
Top Contributor