HP patches 16 UEFI firmware bugs allowing stealthy malware infections

2022-03-08 18:00

HP has disclosed 16 high-impact UEFI firmware vulnerabilities that could allow threat actors to infect devices with malware that gain high privileges and remain undetectable by installed security software.

SSM. CVE-2021-23924: heap buffer overflow leading to arbitrary code execution.

CVE-2021-23931: heap buffer overflow leading to arbitrary code execution.

CVE-2021-23934: memory corruption leading to arbitrary code execution(CVSS - 8.2). DXE. CVE-2021-39297: stack buffer overflow leading to arbitrary code execution.

CVE-2021-39299: stack buffer overflow leading to arbitrary code execution.

One of the flaws, CVE-2021-39298, was identified as an AMD reference code vulnerability, and as such, it doesn't affect only HP but numerous computer vendors who use the particular firmware driver.

News URL

https://www.bleepingcomputer.com/news/security/hp-patches-16-uefi-firmware-bugs-allowing-stealthy-malware-infections/

#firmware #HP #malware #uefi #CVE-2021-39297 #CVE-2021-23931 #CVE-2021-39299 #CVE-2021-23934 #CVE-2021-23924 #CVE-2021-39298

Related Vulnerability

DATE	CVE	VULNERABILITY TITLE	RISK
2022-02-16	CVE-2021-39299	Unspecified vulnerability in HP products Potential vulnerabilities have been identified in UEFI firmware (BIOS) for some PC products which may allow escalation of privilege and arbitrary code execution. local low complexity hp	7.2
2022-02-16	CVE-2021-39298	Unspecified vulnerability in HP products A potential vulnerability in AMD System Management Mode (SMM) interrupt handler may allow an attacker with high privileges to access the SMM resulting in arbitrary code execution which could be used by malicious actors to bypass security mechanisms provided in the UEFI firmware. local low complexity hp	8.8
2022-02-16	CVE-2021-39297	Unspecified vulnerability in HP products Potential vulnerabilities have been identified in UEFI firmware (BIOS) for some PC products which may allow escalation of privilege and arbitrary code execution. local low complexity hp	7.2
2021-04-01	CVE-2021-23924	Information Exposure Through Log Files vulnerability in Devolutions Server An issue was discovered in Devolutions Server before 2020.3. network low complexity devolutions CWE-532	5.0
2021-01-12	CVE-2021-23931	Cross-site Scripting vulnerability in Open-Xchange Appsuite OX App Suite through 7.10.4 allows XSS via an inline binary file. network open-xchange CWE-79	4.3
2021-01-12	CVE-2021-23934	Cross-site Scripting vulnerability in Open-Xchange Appsuite OX App Suite through 7.10.4 allows XSS via a contact whose name contains JavaScript code. network open-xchange CWE-79	4.3

Related vendor

VENDOR	LAST 12M	#/PRODUCTS	LOW	MEDIUM	HIGH	CRITICAL	TOTAL VULNS
HP		8950	139	728	500	670	2037