Vulnerabilities > CVE-2021-26943 - Unspecified vulnerability in Asus Ux360Ca Bios 303

CVSS 8.2 - HIGH

Attack vector

LOCAL

Attack complexity

LOW

Privileges required

HIGH

Confidentiality impact

HIGH

Integrity impact

HIGH

Availability impact

HIGH

local

low complexity

asus

NVD

Published: 2021-03-31

Updated: 2021-04-07

Summary

The UX360CA BIOS through 303 on ASUS laptops allow an attacker (with the ring 0 privilege) to overwrite nearly arbitrary physical memory locations, including SMRAM, and execute arbitrary code in the SMM (issue 3 of 3).

Vulnerable Configurations

Part	Description	Count
OS	Asus Asus Ux360Ca Bios - Asus Ux360Ca Bios 303	2
Hardware	Asus Asus Ux360Ca -	1

References

https://www.asus.com/support/FAQ/1045541/
https://www.youtube.com/watch?v=1H3AfaVyeuk