Vulnerabilities > CVE-2021-26943 - Unspecified vulnerability in Asus Ux360Ca Bios

CVSS 7.2 - HIGH

Attack vector

LOCAL

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

COMPLETE

Integrity impact

COMPLETE

Availability impact

COMPLETE

local

low complexity

asus

NVD

Published: 2021-03-31

Updated: 2021-04-07

Summary

The UX360CA BIOS through 303 on ASUS laptops allow an attacker (with the ring 0 privilege) to overwrite nearly arbitrary physical memory locations, including SMRAM, and execute arbitrary code in the SMM (issue 3 of 3).

Vulnerable Configurations

Part	Description	Count
OS	Asus Asus Ux360Ca Bios *	1
Hardware	Asus Asus Ux360Ca -	1

References

https://www.asus.com/support/FAQ/1045541/
https://www.youtube.com/watch?v=1H3AfaVyeuk