Critical vulnerability in Dell EMC OpenManage Server Administrator; update now

Cybersecurity specialists reported the finding of a critical vulnerability in Dell EMC OpenManage Server Administrator, a software agent that provides a complete solution for system management. According to the report, successful exploitation of this vulnerability would allow the authentication processes of affected systems to be avoided.

Below is a brief overview of the reported flaw, in addition to its identification key and score according to the Common Vulnerability Scoring System (CVSS).

Tracked as CVE-2021-21513, this vulnerability exists due to an error in processing authentication requests, allowing threat actors to log in to OpenManage Server Administrator (OMSA) as an administrator without requiring the operating system username and password.

This flaw received a score of 8.8/10 on the CVSS scale.

The flaw lies in all dell EMC OpenManage Server Administrator versions earlier than and

While this flaw may be exploited by an unauthenticated remote threat actor over the Internet, cybersecurity experts have so far not detected attempts at active exploitation or the existence of a malware variant associated with this attack.

Security patches are now ready, so affected deployment administrators are encouraged to update as soon as possible. To learn more about information security risks, malware variants, vulnerabilities and information technologies, feel free to access the International Institute of Cyber Security (IICS) website.