CVE-2021-3809

CWE-269Improper Privilege Management3 documents3 sources
Severity
7.8HIGH
EPSS
0.1%
top 80.75%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
182
HP Inc. HP PC BiosHP Elite Dragonfly FirmwareHP Elite Slice Firmware+179 more
Timeline
PublishedFeb 1

Description

Potential security vulnerabilities have been identified in the BIOS (UEFI Firmware) for certain HP PC products, which might allow arbitrary code execution. HP is releasing firmware updates to mitigate these potential vulnerabilities.

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:HExploitability: 1.8 | Impact: 5.9

Affected Packages182 packages

🔴Vulnerability Details

2
GHSA
GHSA-fvh7-79fr-wwcg: Potential security vulnerabilities have been identified in the BIOS (UEFI Firmware) for certain HP PC products, which might allow arbitrary code execu2023-02-01
CVEList
CVE-2021-3809: Potential security vulnerabilities have been identified in the BIOS (UEFI Firmware) for certain HP PC products, which might allow arbitrary code execu2023-01-30
CVE-2021-3809 (HIGH CVSS 7.8) | Potential security vulnerabilities | cvebase.io