HP fixes bug letting attackers overwrite firmware in over 200 models

MuzzMelbourne

Level 15
Thread author
Verified
Top Poster
Well-known
Mar 13, 2022
599
HP has released BIOS updates today to fix two high-severity vulnerabilities affecting a wide range of PC and notebook products, which allow code to run with Kernel privileges.

Kernel-level privileges are the highest rights in Windows, allowing threat actors to execute any command at the Kernel level, including manipulating drivers and accessing the BIOS.

The flaws are tracked as CVE-2021-3808 and CVE-2021-3809, and both have a CVSS 3.1 base score of 8.8, giving them a high severity rating. At this time, HP has provided no technical details about these flaws.

 
  • +Reputation
  • Like
Reactions: Trooper and upnorth

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top