Exploit Development: CVE-2021-21551 - Dell ‘dbutil_2_3.sys’ Kernel Exploit Writeup
ID: 111e3d4c-26fa-59b5-a850-502b82dd9dd3
STIX ID: report--111e3d4c-26fa-59b5-a850-502b82dd9dd3
Feed Name: Connor McGarr’s Blog
Detailed technical write-up of CVE-2021-21551 in Dell’s dbutil_2_3.sys driver, showing how a flawed IOCTL/memmove path grants arbitrary kernel read/write and a path to SYSTEM via page table entry corruption. The author reverse-engineers the driver, derives both write and read primitives, places token-stealing shellcode in a writable section, clears NX via PTE modification, and hijacks nt!HalDispatchTable+0x8 to execute the shellcode. The write-up also discusses the role of VBS/HVCI/kCFG in blocking such attacks and provides a complete PoC.
