Search criteria
10 vulnerabilities found for zbook_studio_15_g8_firmware by hp
CVE-2021-39301 (GCVE-0-2021-39301)
Vulnerability from nvd – Published: 2022-02-16 16:38 – Updated: 2024-08-04 02:06
VLAI?
Summary
Potential vulnerabilities have been identified in UEFI firmware (BIOS) for some PC products which may allow escalation of privilege and arbitrary code execution.
Severity ?
No CVSS data available.
CWE
- Arbitrary Code Execution; Escalation of Privilege
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | BUSINESS NOTEBOOK PCS BIOS; BUSINESS DESKTOP PCS BIOS; RETAIL POINT-OF-SALE SYSTEMS BIOS; WORKSTATIONS BIOS |
Affected:
before 01.12.00
Affected: before 01.08.00 Affected: before 01.19.00 Affected: before 01.08.02 Affected: before 01.08.01 Affected: before 02.17.00 Affected: before 02.18.00 Affected: before 02.12.00 Affected: before 02.10.00 Affected: before 02.07.00 Affected: before 02.03.00 Affected: before 02.75 Affected: before 2.58 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T02:06:41.737Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://support.hp.com/us-en/document/ish_5661066-5661090-16"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "BUSINESS NOTEBOOK PCS BIOS; BUSINESS DESKTOP PCS BIOS; RETAIL POINT-OF-SALE SYSTEMS BIOS; WORKSTATIONS BIOS",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "before 01.12.00"
},
{
"status": "affected",
"version": "before 01.08.00"
},
{
"status": "affected",
"version": "before 01.19.00"
},
{
"status": "affected",
"version": "before 01.08.02"
},
{
"status": "affected",
"version": "before 01.08.01"
},
{
"status": "affected",
"version": "before 02.17.00"
},
{
"status": "affected",
"version": "before 02.18.00"
},
{
"status": "affected",
"version": "before 02.12.00"
},
{
"status": "affected",
"version": "before 02.10.00"
},
{
"status": "affected",
"version": "before 02.07.00"
},
{
"status": "affected",
"version": "before 02.03.00"
},
{
"status": "affected",
"version": "before 02.75"
},
{
"status": "affected",
"version": "before 2.58"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Potential vulnerabilities have been identified in UEFI firmware (BIOS) for some PC products which may allow escalation of privilege and arbitrary code execution."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Arbitrary Code Execution; Escalation of Privilege",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-02-16T16:38:12",
"orgId": "74586083-13ce-40fd-b46a-8e5d23cfbcb2",
"shortName": "hp"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://support.hp.com/us-en/document/ish_5661066-5661090-16"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "hp-security-alert@hp.com",
"ID": "CVE-2021-39301",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "BUSINESS NOTEBOOK PCS BIOS; BUSINESS DESKTOP PCS BIOS; RETAIL POINT-OF-SALE SYSTEMS BIOS; WORKSTATIONS BIOS",
"version": {
"version_data": [
{
"version_value": "before 01.12.00"
},
{
"version_value": "before 01.08.00"
},
{
"version_value": "before 01.19.00"
},
{
"version_value": "before 01.08.02"
},
{
"version_value": "before 01.08.01"
},
{
"version_value": "before 02.17.00"
},
{
"version_value": "before 02.18.00"
},
{
"version_value": "before 02.12.00"
},
{
"version_value": "before 02.10.00"
},
{
"version_value": "before 02.07.00"
},
{
"version_value": "before 02.03.00"
},
{
"version_value": "before 02.75"
},
{
"version_value": "before 2.58"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Potential vulnerabilities have been identified in UEFI firmware (BIOS) for some PC products which may allow escalation of privilege and arbitrary code execution."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Arbitrary Code Execution; Escalation of Privilege"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://support.hp.com/us-en/document/ish_5661066-5661090-16",
"refsource": "MISC",
"url": "https://support.hp.com/us-en/document/ish_5661066-5661090-16"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "74586083-13ce-40fd-b46a-8e5d23cfbcb2",
"assignerShortName": "hp",
"cveId": "CVE-2021-39301",
"datePublished": "2022-02-16T16:38:12",
"dateReserved": "2021-08-19T00:00:00",
"dateUpdated": "2024-08-04T02:06:41.737Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-39300 (GCVE-0-2021-39300)
Vulnerability from nvd – Published: 2022-02-16 16:38 – Updated: 2024-08-04 02:06
VLAI?
Summary
Potential vulnerabilities have been identified in UEFI firmware (BIOS) for some PC products which may allow escalation of privilege and arbitrary code execution.
Severity ?
No CVSS data available.
CWE
- Arbitrary Code Execution; Escalation of Privilege
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | BUSINESS NOTEBOOK PCS BIOS; BUSINESS DESKTOP PCS BIOS; RETAIL POINT-OF-SALE SYSTEMS BIOS; WORKSTATIONS BIOS |
Affected:
before 01.12.00
Affected: before 01.08.00 Affected: before 01.19.00 Affected: before 01.08.02 Affected: before 01.08.01 Affected: before 02.17.00 Affected: before 02.18.00 Affected: before 02.12.00 Affected: before 02.10.00 Affected: before 02.07.00 Affected: before 02.03.00 Affected: before 02.75 Affected: before 2.58 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T02:06:42.454Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://support.hp.com/us-en/document/ish_5661066-5661090-16"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "BUSINESS NOTEBOOK PCS BIOS; BUSINESS DESKTOP PCS BIOS; RETAIL POINT-OF-SALE SYSTEMS BIOS; WORKSTATIONS BIOS",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "before 01.12.00"
},
{
"status": "affected",
"version": "before 01.08.00"
},
{
"status": "affected",
"version": "before 01.19.00"
},
{
"status": "affected",
"version": "before 01.08.02"
},
{
"status": "affected",
"version": "before 01.08.01"
},
{
"status": "affected",
"version": "before 02.17.00"
},
{
"status": "affected",
"version": "before 02.18.00"
},
{
"status": "affected",
"version": "before 02.12.00"
},
{
"status": "affected",
"version": "before 02.10.00"
},
{
"status": "affected",
"version": "before 02.07.00"
},
{
"status": "affected",
"version": "before 02.03.00"
},
{
"status": "affected",
"version": "before 02.75"
},
{
"status": "affected",
"version": "before 2.58"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Potential vulnerabilities have been identified in UEFI firmware (BIOS) for some PC products which may allow escalation of privilege and arbitrary code execution."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Arbitrary Code Execution; Escalation of Privilege",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-02-16T16:38:13",
"orgId": "74586083-13ce-40fd-b46a-8e5d23cfbcb2",
"shortName": "hp"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://support.hp.com/us-en/document/ish_5661066-5661090-16"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "hp-security-alert@hp.com",
"ID": "CVE-2021-39300",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "BUSINESS NOTEBOOK PCS BIOS; BUSINESS DESKTOP PCS BIOS; RETAIL POINT-OF-SALE SYSTEMS BIOS; WORKSTATIONS BIOS",
"version": {
"version_data": [
{
"version_value": "before 01.12.00"
},
{
"version_value": "before 01.08.00"
},
{
"version_value": "before 01.19.00"
},
{
"version_value": "before 01.08.02"
},
{
"version_value": "before 01.08.01"
},
{
"version_value": "before 02.17.00"
},
{
"version_value": "before 02.18.00"
},
{
"version_value": "before 02.12.00"
},
{
"version_value": "before 02.10.00"
},
{
"version_value": "before 02.07.00"
},
{
"version_value": "before 02.03.00"
},
{
"version_value": "before 02.75"
},
{
"version_value": "before 2.58"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Potential vulnerabilities have been identified in UEFI firmware (BIOS) for some PC products which may allow escalation of privilege and arbitrary code execution."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Arbitrary Code Execution; Escalation of Privilege"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://support.hp.com/us-en/document/ish_5661066-5661090-16",
"refsource": "MISC",
"url": "https://support.hp.com/us-en/document/ish_5661066-5661090-16"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "74586083-13ce-40fd-b46a-8e5d23cfbcb2",
"assignerShortName": "hp",
"cveId": "CVE-2021-39300",
"datePublished": "2022-02-16T16:38:13",
"dateReserved": "2021-08-19T00:00:00",
"dateUpdated": "2024-08-04T02:06:42.454Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-39299 (GCVE-0-2021-39299)
Vulnerability from nvd – Published: 2022-02-16 16:38 – Updated: 2024-08-04 02:06
VLAI?
Summary
Potential vulnerabilities have been identified in UEFI firmware (BIOS) for some PC products which may allow escalation of privilege and arbitrary code execution.
Severity ?
No CVSS data available.
CWE
- Arbitrary Code Execution; Escalation of Privilege
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | BUSINESS NOTEBOOK PCS BIOS; BUSINESS DESKTOP PCS BIOS; RETAIL POINT-OF-SALE SYSTEMS BIOS; WORKSTATIONS BIOS |
Affected:
before 01.12.00
Affected: before 01.08.00 Affected: before 01.19.00 Affected: before 01.08.02 Affected: before 01.08.01 Affected: before 02.17.00 Affected: before 02.18.00 Affected: before 02.12.00 Affected: before 02.10.00 Affected: before 02.07.00 Affected: before 02.03.00 Affected: before 02.75 Affected: before 2.58 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T02:06:41.526Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://support.hp.com/us-en/document/ish_5661066-5661090-16"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "BUSINESS NOTEBOOK PCS BIOS; BUSINESS DESKTOP PCS BIOS; RETAIL POINT-OF-SALE SYSTEMS BIOS; WORKSTATIONS BIOS",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "before 01.12.00"
},
{
"status": "affected",
"version": "before 01.08.00"
},
{
"status": "affected",
"version": "before 01.19.00"
},
{
"status": "affected",
"version": "before 01.08.02"
},
{
"status": "affected",
"version": "before 01.08.01"
},
{
"status": "affected",
"version": "before 02.17.00"
},
{
"status": "affected",
"version": "before 02.18.00"
},
{
"status": "affected",
"version": "before 02.12.00"
},
{
"status": "affected",
"version": "before 02.10.00"
},
{
"status": "affected",
"version": "before 02.07.00"
},
{
"status": "affected",
"version": "before 02.03.00"
},
{
"status": "affected",
"version": "before 02.75"
},
{
"status": "affected",
"version": "before 2.58"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Potential vulnerabilities have been identified in UEFI firmware (BIOS) for some PC products which may allow escalation of privilege and arbitrary code execution."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Arbitrary Code Execution; Escalation of Privilege",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-02-16T16:38:13",
"orgId": "74586083-13ce-40fd-b46a-8e5d23cfbcb2",
"shortName": "hp"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://support.hp.com/us-en/document/ish_5661066-5661090-16"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "hp-security-alert@hp.com",
"ID": "CVE-2021-39299",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "BUSINESS NOTEBOOK PCS BIOS; BUSINESS DESKTOP PCS BIOS; RETAIL POINT-OF-SALE SYSTEMS BIOS; WORKSTATIONS BIOS",
"version": {
"version_data": [
{
"version_value": "before 01.12.00"
},
{
"version_value": "before 01.08.00"
},
{
"version_value": "before 01.19.00"
},
{
"version_value": "before 01.08.02"
},
{
"version_value": "before 01.08.01"
},
{
"version_value": "before 02.17.00"
},
{
"version_value": "before 02.18.00"
},
{
"version_value": "before 02.12.00"
},
{
"version_value": "before 02.10.00"
},
{
"version_value": "before 02.07.00"
},
{
"version_value": "before 02.03.00"
},
{
"version_value": "before 02.75"
},
{
"version_value": "before 2.58"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Potential vulnerabilities have been identified in UEFI firmware (BIOS) for some PC products which may allow escalation of privilege and arbitrary code execution."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Arbitrary Code Execution; Escalation of Privilege"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://support.hp.com/us-en/document/ish_5661066-5661090-16",
"refsource": "MISC",
"url": "https://support.hp.com/us-en/document/ish_5661066-5661090-16"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "74586083-13ce-40fd-b46a-8e5d23cfbcb2",
"assignerShortName": "hp",
"cveId": "CVE-2021-39299",
"datePublished": "2022-02-16T16:38:13",
"dateReserved": "2021-08-19T00:00:00",
"dateUpdated": "2024-08-04T02:06:41.526Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-39298 (GCVE-0-2021-39298)
Vulnerability from nvd – Published: 2022-02-16 16:38 – Updated: 2024-08-04 02:06
VLAI?
Summary
A potential vulnerability in AMD System Management Mode (SMM) interrupt handler may allow an attacker with high privileges to access the SMM resulting in arbitrary code execution which could be used by malicious actors to bypass security mechanisms provided in the UEFI firmware.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |
|---|---|---|
Impacted products
| Vendor | Product | Version | ||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| AMD | 2nd Gen EPYC |
Affected:
Various
|
||||||||||||||||||||||
|
||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T02:06:42.610Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://www.amd.com/en/corporate/product-security/bulletin/AMD-SB-1032"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.amd.com/en/corporate/product-security/bulletin/AMD-SB-1027"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"packageName": "AGESA",
"platforms": [
"x86"
],
"product": "2nd Gen EPYC",
"vendor": "AMD",
"versions": [
{
"status": "affected",
"version": "Various "
}
]
},
{
"defaultStatus": "unaffected",
"packageName": "AGESA",
"platforms": [
"x86"
],
"product": "3rd Gen EPYC",
"vendor": "AMD",
"versions": [
{
"status": "affected",
"version": "various "
}
]
},
{
"defaultStatus": "unaffected",
"packageName": "AGESA",
"platforms": [
"x86"
],
"product": "Ryzen 2000 Series",
"vendor": "AMD",
"versions": [
{
"status": "affected",
"version": "various "
}
]
},
{
"defaultStatus": "unaffected",
"packageName": "AGESA",
"platforms": [
"x86"
],
"product": "Ryzen 3000 Series ",
"vendor": "AMD",
"versions": [
{
"status": "affected",
"version": "Various "
}
]
},
{
"defaultStatus": "unaffected",
"packageName": "AGESA",
"platforms": [
"x86"
],
"product": "Ryzen 5000 Series ",
"vendor": "AMD",
"versions": [
{
"status": "affected",
"version": "various "
}
]
}
],
"datePublic": "2023-01-10T17:30:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "A potential vulnerability in AMD System Management Mode (SMM) interrupt handler may allow an attacker with high privileges to access the SMM resulting in arbitrary code execution which could be used by malicious actors to bypass security mechanisms provided in the UEFI firmware.\u003cbr\u003e\u003cbr\u003e"
}
],
"value": "A potential vulnerability in AMD System Management Mode (SMM) interrupt handler may allow an attacker with high privileges to access the SMM resulting in arbitrary code execution which could be used by malicious actors to bypass security mechanisms provided in the UEFI firmware.\n\n"
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-01-11T07:01:59.843980Z",
"orgId": "b58fc414-a1e4-4f92-9d70-1add41838648",
"shortName": "AMD"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://www.amd.com/en/corporate/product-security/bulletin/AMD-SB-1032"
},
{
"url": "https://www.amd.com/en/corporate/product-security/bulletin/AMD-SB-1027"
}
],
"source": {
"advisory": "AMD-SB-1032",
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "b58fc414-a1e4-4f92-9d70-1add41838648",
"assignerShortName": "AMD",
"cveId": "CVE-2021-39298",
"datePublished": "2022-02-16T16:38:10.726517Z",
"dateReserved": "2021-08-19T00:00:00",
"dateUpdated": "2024-08-04T02:06:42.610Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-39297 (GCVE-0-2021-39297)
Vulnerability from nvd – Published: 2022-02-16 16:38 – Updated: 2024-08-04 02:06
VLAI?
Summary
Potential vulnerabilities have been identified in UEFI firmware (BIOS) for some PC products which may allow escalation of privilege and arbitrary code execution.
Severity ?
No CVSS data available.
CWE
- Arbitrary Code Execution; Escalation of Privilege
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | BUSINESS NOTEBOOK PCS BIOS; BUSINESS DESKTOP PCS BIOS; RETAIL POINT-OF-SALE SYSTEMS BIOS; WORKSTATIONS BIOS |
Affected:
before 01.12.00
Affected: before 01.08.00 Affected: before 01.19.00 Affected: before 01.08.02 Affected: before 01.08.01 Affected: before 02.17.00 Affected: before 02.18.00 Affected: before 02.12.00 Affected: before 02.10.00 Affected: before 02.07.00 Affected: before 02.03.00 Affected: before 02.75 Affected: before 2.58 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T02:06:42.219Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://support.hp.com/us-en/document/ish_5661066-5661090-16"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "BUSINESS NOTEBOOK PCS BIOS; BUSINESS DESKTOP PCS BIOS; RETAIL POINT-OF-SALE SYSTEMS BIOS; WORKSTATIONS BIOS",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "before 01.12.00"
},
{
"status": "affected",
"version": "before 01.08.00"
},
{
"status": "affected",
"version": "before 01.19.00"
},
{
"status": "affected",
"version": "before 01.08.02"
},
{
"status": "affected",
"version": "before 01.08.01"
},
{
"status": "affected",
"version": "before 02.17.00"
},
{
"status": "affected",
"version": "before 02.18.00"
},
{
"status": "affected",
"version": "before 02.12.00"
},
{
"status": "affected",
"version": "before 02.10.00"
},
{
"status": "affected",
"version": "before 02.07.00"
},
{
"status": "affected",
"version": "before 02.03.00"
},
{
"status": "affected",
"version": "before 02.75"
},
{
"status": "affected",
"version": "before 2.58"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Potential vulnerabilities have been identified in UEFI firmware (BIOS) for some PC products which may allow escalation of privilege and arbitrary code execution."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Arbitrary Code Execution; Escalation of Privilege",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-02-16T16:38:11",
"orgId": "74586083-13ce-40fd-b46a-8e5d23cfbcb2",
"shortName": "hp"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://support.hp.com/us-en/document/ish_5661066-5661090-16"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "hp-security-alert@hp.com",
"ID": "CVE-2021-39297",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "BUSINESS NOTEBOOK PCS BIOS; BUSINESS DESKTOP PCS BIOS; RETAIL POINT-OF-SALE SYSTEMS BIOS; WORKSTATIONS BIOS",
"version": {
"version_data": [
{
"version_value": "before 01.12.00"
},
{
"version_value": "before 01.08.00"
},
{
"version_value": "before 01.19.00"
},
{
"version_value": "before 01.08.02"
},
{
"version_value": "before 01.08.01"
},
{
"version_value": "before 02.17.00"
},
{
"version_value": "before 02.18.00"
},
{
"version_value": "before 02.12.00"
},
{
"version_value": "before 02.10.00"
},
{
"version_value": "before 02.07.00"
},
{
"version_value": "before 02.03.00"
},
{
"version_value": "before 02.75"
},
{
"version_value": "before 2.58"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Potential vulnerabilities have been identified in UEFI firmware (BIOS) for some PC products which may allow escalation of privilege and arbitrary code execution."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Arbitrary Code Execution; Escalation of Privilege"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://support.hp.com/us-en/document/ish_5661066-5661090-16",
"refsource": "MISC",
"url": "https://support.hp.com/us-en/document/ish_5661066-5661090-16"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "74586083-13ce-40fd-b46a-8e5d23cfbcb2",
"assignerShortName": "hp",
"cveId": "CVE-2021-39297",
"datePublished": "2022-02-16T16:38:11",
"dateReserved": "2021-08-19T00:00:00",
"dateUpdated": "2024-08-04T02:06:42.219Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-39299 (GCVE-0-2021-39299)
Vulnerability from cvelistv5 – Published: 2022-02-16 16:38 – Updated: 2024-08-04 02:06
VLAI?
Summary
Potential vulnerabilities have been identified in UEFI firmware (BIOS) for some PC products which may allow escalation of privilege and arbitrary code execution.
Severity ?
No CVSS data available.
CWE
- Arbitrary Code Execution; Escalation of Privilege
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | BUSINESS NOTEBOOK PCS BIOS; BUSINESS DESKTOP PCS BIOS; RETAIL POINT-OF-SALE SYSTEMS BIOS; WORKSTATIONS BIOS |
Affected:
before 01.12.00
Affected: before 01.08.00 Affected: before 01.19.00 Affected: before 01.08.02 Affected: before 01.08.01 Affected: before 02.17.00 Affected: before 02.18.00 Affected: before 02.12.00 Affected: before 02.10.00 Affected: before 02.07.00 Affected: before 02.03.00 Affected: before 02.75 Affected: before 2.58 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T02:06:41.526Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://support.hp.com/us-en/document/ish_5661066-5661090-16"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "BUSINESS NOTEBOOK PCS BIOS; BUSINESS DESKTOP PCS BIOS; RETAIL POINT-OF-SALE SYSTEMS BIOS; WORKSTATIONS BIOS",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "before 01.12.00"
},
{
"status": "affected",
"version": "before 01.08.00"
},
{
"status": "affected",
"version": "before 01.19.00"
},
{
"status": "affected",
"version": "before 01.08.02"
},
{
"status": "affected",
"version": "before 01.08.01"
},
{
"status": "affected",
"version": "before 02.17.00"
},
{
"status": "affected",
"version": "before 02.18.00"
},
{
"status": "affected",
"version": "before 02.12.00"
},
{
"status": "affected",
"version": "before 02.10.00"
},
{
"status": "affected",
"version": "before 02.07.00"
},
{
"status": "affected",
"version": "before 02.03.00"
},
{
"status": "affected",
"version": "before 02.75"
},
{
"status": "affected",
"version": "before 2.58"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Potential vulnerabilities have been identified in UEFI firmware (BIOS) for some PC products which may allow escalation of privilege and arbitrary code execution."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Arbitrary Code Execution; Escalation of Privilege",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-02-16T16:38:13",
"orgId": "74586083-13ce-40fd-b46a-8e5d23cfbcb2",
"shortName": "hp"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://support.hp.com/us-en/document/ish_5661066-5661090-16"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "hp-security-alert@hp.com",
"ID": "CVE-2021-39299",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "BUSINESS NOTEBOOK PCS BIOS; BUSINESS DESKTOP PCS BIOS; RETAIL POINT-OF-SALE SYSTEMS BIOS; WORKSTATIONS BIOS",
"version": {
"version_data": [
{
"version_value": "before 01.12.00"
},
{
"version_value": "before 01.08.00"
},
{
"version_value": "before 01.19.00"
},
{
"version_value": "before 01.08.02"
},
{
"version_value": "before 01.08.01"
},
{
"version_value": "before 02.17.00"
},
{
"version_value": "before 02.18.00"
},
{
"version_value": "before 02.12.00"
},
{
"version_value": "before 02.10.00"
},
{
"version_value": "before 02.07.00"
},
{
"version_value": "before 02.03.00"
},
{
"version_value": "before 02.75"
},
{
"version_value": "before 2.58"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Potential vulnerabilities have been identified in UEFI firmware (BIOS) for some PC products which may allow escalation of privilege and arbitrary code execution."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Arbitrary Code Execution; Escalation of Privilege"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://support.hp.com/us-en/document/ish_5661066-5661090-16",
"refsource": "MISC",
"url": "https://support.hp.com/us-en/document/ish_5661066-5661090-16"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "74586083-13ce-40fd-b46a-8e5d23cfbcb2",
"assignerShortName": "hp",
"cveId": "CVE-2021-39299",
"datePublished": "2022-02-16T16:38:13",
"dateReserved": "2021-08-19T00:00:00",
"dateUpdated": "2024-08-04T02:06:41.526Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-39300 (GCVE-0-2021-39300)
Vulnerability from cvelistv5 – Published: 2022-02-16 16:38 – Updated: 2024-08-04 02:06
VLAI?
Summary
Potential vulnerabilities have been identified in UEFI firmware (BIOS) for some PC products which may allow escalation of privilege and arbitrary code execution.
Severity ?
No CVSS data available.
CWE
- Arbitrary Code Execution; Escalation of Privilege
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | BUSINESS NOTEBOOK PCS BIOS; BUSINESS DESKTOP PCS BIOS; RETAIL POINT-OF-SALE SYSTEMS BIOS; WORKSTATIONS BIOS |
Affected:
before 01.12.00
Affected: before 01.08.00 Affected: before 01.19.00 Affected: before 01.08.02 Affected: before 01.08.01 Affected: before 02.17.00 Affected: before 02.18.00 Affected: before 02.12.00 Affected: before 02.10.00 Affected: before 02.07.00 Affected: before 02.03.00 Affected: before 02.75 Affected: before 2.58 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T02:06:42.454Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://support.hp.com/us-en/document/ish_5661066-5661090-16"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "BUSINESS NOTEBOOK PCS BIOS; BUSINESS DESKTOP PCS BIOS; RETAIL POINT-OF-SALE SYSTEMS BIOS; WORKSTATIONS BIOS",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "before 01.12.00"
},
{
"status": "affected",
"version": "before 01.08.00"
},
{
"status": "affected",
"version": "before 01.19.00"
},
{
"status": "affected",
"version": "before 01.08.02"
},
{
"status": "affected",
"version": "before 01.08.01"
},
{
"status": "affected",
"version": "before 02.17.00"
},
{
"status": "affected",
"version": "before 02.18.00"
},
{
"status": "affected",
"version": "before 02.12.00"
},
{
"status": "affected",
"version": "before 02.10.00"
},
{
"status": "affected",
"version": "before 02.07.00"
},
{
"status": "affected",
"version": "before 02.03.00"
},
{
"status": "affected",
"version": "before 02.75"
},
{
"status": "affected",
"version": "before 2.58"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Potential vulnerabilities have been identified in UEFI firmware (BIOS) for some PC products which may allow escalation of privilege and arbitrary code execution."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Arbitrary Code Execution; Escalation of Privilege",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-02-16T16:38:13",
"orgId": "74586083-13ce-40fd-b46a-8e5d23cfbcb2",
"shortName": "hp"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://support.hp.com/us-en/document/ish_5661066-5661090-16"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "hp-security-alert@hp.com",
"ID": "CVE-2021-39300",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "BUSINESS NOTEBOOK PCS BIOS; BUSINESS DESKTOP PCS BIOS; RETAIL POINT-OF-SALE SYSTEMS BIOS; WORKSTATIONS BIOS",
"version": {
"version_data": [
{
"version_value": "before 01.12.00"
},
{
"version_value": "before 01.08.00"
},
{
"version_value": "before 01.19.00"
},
{
"version_value": "before 01.08.02"
},
{
"version_value": "before 01.08.01"
},
{
"version_value": "before 02.17.00"
},
{
"version_value": "before 02.18.00"
},
{
"version_value": "before 02.12.00"
},
{
"version_value": "before 02.10.00"
},
{
"version_value": "before 02.07.00"
},
{
"version_value": "before 02.03.00"
},
{
"version_value": "before 02.75"
},
{
"version_value": "before 2.58"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Potential vulnerabilities have been identified in UEFI firmware (BIOS) for some PC products which may allow escalation of privilege and arbitrary code execution."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Arbitrary Code Execution; Escalation of Privilege"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://support.hp.com/us-en/document/ish_5661066-5661090-16",
"refsource": "MISC",
"url": "https://support.hp.com/us-en/document/ish_5661066-5661090-16"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "74586083-13ce-40fd-b46a-8e5d23cfbcb2",
"assignerShortName": "hp",
"cveId": "CVE-2021-39300",
"datePublished": "2022-02-16T16:38:13",
"dateReserved": "2021-08-19T00:00:00",
"dateUpdated": "2024-08-04T02:06:42.454Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-39301 (GCVE-0-2021-39301)
Vulnerability from cvelistv5 – Published: 2022-02-16 16:38 – Updated: 2024-08-04 02:06
VLAI?
Summary
Potential vulnerabilities have been identified in UEFI firmware (BIOS) for some PC products which may allow escalation of privilege and arbitrary code execution.
Severity ?
No CVSS data available.
CWE
- Arbitrary Code Execution; Escalation of Privilege
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | BUSINESS NOTEBOOK PCS BIOS; BUSINESS DESKTOP PCS BIOS; RETAIL POINT-OF-SALE SYSTEMS BIOS; WORKSTATIONS BIOS |
Affected:
before 01.12.00
Affected: before 01.08.00 Affected: before 01.19.00 Affected: before 01.08.02 Affected: before 01.08.01 Affected: before 02.17.00 Affected: before 02.18.00 Affected: before 02.12.00 Affected: before 02.10.00 Affected: before 02.07.00 Affected: before 02.03.00 Affected: before 02.75 Affected: before 2.58 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T02:06:41.737Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://support.hp.com/us-en/document/ish_5661066-5661090-16"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "BUSINESS NOTEBOOK PCS BIOS; BUSINESS DESKTOP PCS BIOS; RETAIL POINT-OF-SALE SYSTEMS BIOS; WORKSTATIONS BIOS",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "before 01.12.00"
},
{
"status": "affected",
"version": "before 01.08.00"
},
{
"status": "affected",
"version": "before 01.19.00"
},
{
"status": "affected",
"version": "before 01.08.02"
},
{
"status": "affected",
"version": "before 01.08.01"
},
{
"status": "affected",
"version": "before 02.17.00"
},
{
"status": "affected",
"version": "before 02.18.00"
},
{
"status": "affected",
"version": "before 02.12.00"
},
{
"status": "affected",
"version": "before 02.10.00"
},
{
"status": "affected",
"version": "before 02.07.00"
},
{
"status": "affected",
"version": "before 02.03.00"
},
{
"status": "affected",
"version": "before 02.75"
},
{
"status": "affected",
"version": "before 2.58"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Potential vulnerabilities have been identified in UEFI firmware (BIOS) for some PC products which may allow escalation of privilege and arbitrary code execution."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Arbitrary Code Execution; Escalation of Privilege",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-02-16T16:38:12",
"orgId": "74586083-13ce-40fd-b46a-8e5d23cfbcb2",
"shortName": "hp"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://support.hp.com/us-en/document/ish_5661066-5661090-16"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "hp-security-alert@hp.com",
"ID": "CVE-2021-39301",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "BUSINESS NOTEBOOK PCS BIOS; BUSINESS DESKTOP PCS BIOS; RETAIL POINT-OF-SALE SYSTEMS BIOS; WORKSTATIONS BIOS",
"version": {
"version_data": [
{
"version_value": "before 01.12.00"
},
{
"version_value": "before 01.08.00"
},
{
"version_value": "before 01.19.00"
},
{
"version_value": "before 01.08.02"
},
{
"version_value": "before 01.08.01"
},
{
"version_value": "before 02.17.00"
},
{
"version_value": "before 02.18.00"
},
{
"version_value": "before 02.12.00"
},
{
"version_value": "before 02.10.00"
},
{
"version_value": "before 02.07.00"
},
{
"version_value": "before 02.03.00"
},
{
"version_value": "before 02.75"
},
{
"version_value": "before 2.58"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Potential vulnerabilities have been identified in UEFI firmware (BIOS) for some PC products which may allow escalation of privilege and arbitrary code execution."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Arbitrary Code Execution; Escalation of Privilege"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://support.hp.com/us-en/document/ish_5661066-5661090-16",
"refsource": "MISC",
"url": "https://support.hp.com/us-en/document/ish_5661066-5661090-16"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "74586083-13ce-40fd-b46a-8e5d23cfbcb2",
"assignerShortName": "hp",
"cveId": "CVE-2021-39301",
"datePublished": "2022-02-16T16:38:12",
"dateReserved": "2021-08-19T00:00:00",
"dateUpdated": "2024-08-04T02:06:41.737Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-39297 (GCVE-0-2021-39297)
Vulnerability from cvelistv5 – Published: 2022-02-16 16:38 – Updated: 2024-08-04 02:06
VLAI?
Summary
Potential vulnerabilities have been identified in UEFI firmware (BIOS) for some PC products which may allow escalation of privilege and arbitrary code execution.
Severity ?
No CVSS data available.
CWE
- Arbitrary Code Execution; Escalation of Privilege
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | BUSINESS NOTEBOOK PCS BIOS; BUSINESS DESKTOP PCS BIOS; RETAIL POINT-OF-SALE SYSTEMS BIOS; WORKSTATIONS BIOS |
Affected:
before 01.12.00
Affected: before 01.08.00 Affected: before 01.19.00 Affected: before 01.08.02 Affected: before 01.08.01 Affected: before 02.17.00 Affected: before 02.18.00 Affected: before 02.12.00 Affected: before 02.10.00 Affected: before 02.07.00 Affected: before 02.03.00 Affected: before 02.75 Affected: before 2.58 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T02:06:42.219Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://support.hp.com/us-en/document/ish_5661066-5661090-16"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "BUSINESS NOTEBOOK PCS BIOS; BUSINESS DESKTOP PCS BIOS; RETAIL POINT-OF-SALE SYSTEMS BIOS; WORKSTATIONS BIOS",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "before 01.12.00"
},
{
"status": "affected",
"version": "before 01.08.00"
},
{
"status": "affected",
"version": "before 01.19.00"
},
{
"status": "affected",
"version": "before 01.08.02"
},
{
"status": "affected",
"version": "before 01.08.01"
},
{
"status": "affected",
"version": "before 02.17.00"
},
{
"status": "affected",
"version": "before 02.18.00"
},
{
"status": "affected",
"version": "before 02.12.00"
},
{
"status": "affected",
"version": "before 02.10.00"
},
{
"status": "affected",
"version": "before 02.07.00"
},
{
"status": "affected",
"version": "before 02.03.00"
},
{
"status": "affected",
"version": "before 02.75"
},
{
"status": "affected",
"version": "before 2.58"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Potential vulnerabilities have been identified in UEFI firmware (BIOS) for some PC products which may allow escalation of privilege and arbitrary code execution."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Arbitrary Code Execution; Escalation of Privilege",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-02-16T16:38:11",
"orgId": "74586083-13ce-40fd-b46a-8e5d23cfbcb2",
"shortName": "hp"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://support.hp.com/us-en/document/ish_5661066-5661090-16"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "hp-security-alert@hp.com",
"ID": "CVE-2021-39297",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "BUSINESS NOTEBOOK PCS BIOS; BUSINESS DESKTOP PCS BIOS; RETAIL POINT-OF-SALE SYSTEMS BIOS; WORKSTATIONS BIOS",
"version": {
"version_data": [
{
"version_value": "before 01.12.00"
},
{
"version_value": "before 01.08.00"
},
{
"version_value": "before 01.19.00"
},
{
"version_value": "before 01.08.02"
},
{
"version_value": "before 01.08.01"
},
{
"version_value": "before 02.17.00"
},
{
"version_value": "before 02.18.00"
},
{
"version_value": "before 02.12.00"
},
{
"version_value": "before 02.10.00"
},
{
"version_value": "before 02.07.00"
},
{
"version_value": "before 02.03.00"
},
{
"version_value": "before 02.75"
},
{
"version_value": "before 2.58"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Potential vulnerabilities have been identified in UEFI firmware (BIOS) for some PC products which may allow escalation of privilege and arbitrary code execution."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Arbitrary Code Execution; Escalation of Privilege"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://support.hp.com/us-en/document/ish_5661066-5661090-16",
"refsource": "MISC",
"url": "https://support.hp.com/us-en/document/ish_5661066-5661090-16"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "74586083-13ce-40fd-b46a-8e5d23cfbcb2",
"assignerShortName": "hp",
"cveId": "CVE-2021-39297",
"datePublished": "2022-02-16T16:38:11",
"dateReserved": "2021-08-19T00:00:00",
"dateUpdated": "2024-08-04T02:06:42.219Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-39298 (GCVE-0-2021-39298)
Vulnerability from cvelistv5 – Published: 2022-02-16 16:38 – Updated: 2024-08-04 02:06
VLAI?
Summary
A potential vulnerability in AMD System Management Mode (SMM) interrupt handler may allow an attacker with high privileges to access the SMM resulting in arbitrary code execution which could be used by malicious actors to bypass security mechanisms provided in the UEFI firmware.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |
|---|---|---|
Impacted products
| Vendor | Product | Version | ||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| AMD | 2nd Gen EPYC |
Affected:
Various
|
||||||||||||||||||||||
|
||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T02:06:42.610Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://www.amd.com/en/corporate/product-security/bulletin/AMD-SB-1032"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.amd.com/en/corporate/product-security/bulletin/AMD-SB-1027"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"packageName": "AGESA",
"platforms": [
"x86"
],
"product": "2nd Gen EPYC",
"vendor": "AMD",
"versions": [
{
"status": "affected",
"version": "Various "
}
]
},
{
"defaultStatus": "unaffected",
"packageName": "AGESA",
"platforms": [
"x86"
],
"product": "3rd Gen EPYC",
"vendor": "AMD",
"versions": [
{
"status": "affected",
"version": "various "
}
]
},
{
"defaultStatus": "unaffected",
"packageName": "AGESA",
"platforms": [
"x86"
],
"product": "Ryzen 2000 Series",
"vendor": "AMD",
"versions": [
{
"status": "affected",
"version": "various "
}
]
},
{
"defaultStatus": "unaffected",
"packageName": "AGESA",
"platforms": [
"x86"
],
"product": "Ryzen 3000 Series ",
"vendor": "AMD",
"versions": [
{
"status": "affected",
"version": "Various "
}
]
},
{
"defaultStatus": "unaffected",
"packageName": "AGESA",
"platforms": [
"x86"
],
"product": "Ryzen 5000 Series ",
"vendor": "AMD",
"versions": [
{
"status": "affected",
"version": "various "
}
]
}
],
"datePublic": "2023-01-10T17:30:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "A potential vulnerability in AMD System Management Mode (SMM) interrupt handler may allow an attacker with high privileges to access the SMM resulting in arbitrary code execution which could be used by malicious actors to bypass security mechanisms provided in the UEFI firmware.\u003cbr\u003e\u003cbr\u003e"
}
],
"value": "A potential vulnerability in AMD System Management Mode (SMM) interrupt handler may allow an attacker with high privileges to access the SMM resulting in arbitrary code execution which could be used by malicious actors to bypass security mechanisms provided in the UEFI firmware.\n\n"
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-01-11T07:01:59.843980Z",
"orgId": "b58fc414-a1e4-4f92-9d70-1add41838648",
"shortName": "AMD"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://www.amd.com/en/corporate/product-security/bulletin/AMD-SB-1032"
},
{
"url": "https://www.amd.com/en/corporate/product-security/bulletin/AMD-SB-1027"
}
],
"source": {
"advisory": "AMD-SB-1032",
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "b58fc414-a1e4-4f92-9d70-1add41838648",
"assignerShortName": "AMD",
"cveId": "CVE-2021-39298",
"datePublished": "2022-02-16T16:38:10.726517Z",
"dateReserved": "2021-08-19T00:00:00",
"dateUpdated": "2024-08-04T02:06:42.610Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}