CVE-2021-39297

Summary

Potential vulnerabilities have been identified in UEFI firmware (BIOS) for some PC products which may allow escalation of privilege and arbitrary code execution.

Affected Software

VendorProductVersion RangeStatus
n/aBUSINESS NOTEBOOK PCS BIOS; BUSINESS DESKTOP PCS BIOS; RETAIL POINT-OF-SALE SYSTEMS BIOS; WORKSTATIONS BIOSbefore 01.12.00affected
n/aBUSINESS NOTEBOOK PCS BIOS; BUSINESS DESKTOP PCS BIOS; RETAIL POINT-OF-SALE SYSTEMS BIOS; WORKSTATIONS BIOSbefore 01.08.00affected
n/aBUSINESS NOTEBOOK PCS BIOS; BUSINESS DESKTOP PCS BIOS; RETAIL POINT-OF-SALE SYSTEMS BIOS; WORKSTATIONS BIOSbefore 01.19.00affected
n/aBUSINESS NOTEBOOK PCS BIOS; BUSINESS DESKTOP PCS BIOS; RETAIL POINT-OF-SALE SYSTEMS BIOS; WORKSTATIONS BIOSbefore 01.08.02affected
n/aBUSINESS NOTEBOOK PCS BIOS; BUSINESS DESKTOP PCS BIOS; RETAIL POINT-OF-SALE SYSTEMS BIOS; WORKSTATIONS BIOSbefore 01.08.01affected
n/aBUSINESS NOTEBOOK PCS BIOS; BUSINESS DESKTOP PCS BIOS; RETAIL POINT-OF-SALE SYSTEMS BIOS; WORKSTATIONS BIOSbefore 02.17.00affected
n/aBUSINESS NOTEBOOK PCS BIOS; BUSINESS DESKTOP PCS BIOS; RETAIL POINT-OF-SALE SYSTEMS BIOS; WORKSTATIONS BIOSbefore 02.18.00affected
n/aBUSINESS NOTEBOOK PCS BIOS; BUSINESS DESKTOP PCS BIOS; RETAIL POINT-OF-SALE SYSTEMS BIOS; WORKSTATIONS BIOSbefore 02.12.00affected
n/aBUSINESS NOTEBOOK PCS BIOS; BUSINESS DESKTOP PCS BIOS; RETAIL POINT-OF-SALE SYSTEMS BIOS; WORKSTATIONS BIOSbefore 02.10.00affected
n/aBUSINESS NOTEBOOK PCS BIOS; BUSINESS DESKTOP PCS BIOS; RETAIL POINT-OF-SALE SYSTEMS BIOS; WORKSTATIONS BIOSbefore 02.07.00affected
n/aBUSINESS NOTEBOOK PCS BIOS; BUSINESS DESKTOP PCS BIOS; RETAIL POINT-OF-SALE SYSTEMS BIOS; WORKSTATIONS BIOSbefore 02.03.00affected
n/aBUSINESS NOTEBOOK PCS BIOS; BUSINESS DESKTOP PCS BIOS; RETAIL POINT-OF-SALE SYSTEMS BIOS; WORKSTATIONS BIOSbefore 02.75affected
n/aBUSINESS NOTEBOOK PCS BIOS; BUSINESS DESKTOP PCS BIOS; RETAIL POINT-OF-SALE SYSTEMS BIOS; WORKSTATIONS BIOSbefore 2.58affected

Weaknesses

  • Arbitrary Code Execution; Escalation of Privilege

ADP Enrichment

CVE Program Container

Additional References

References