CVE-2021-39300 — Vulnetix

CVE-2021-39300 PUBLISHED

BRLY-2021-006 High CVE-2021-39300 BINARLY efiXplorer team has discovered a stack overflow vulnerability that allows a local privileged user to access UEFI DXE driver and execute arbitrary code.

EPSS 0.06% · 19.0th percentile

Risk Scores

EPSS Score

0.06%

19.0th percentile

Timeline

Feb 4, 2022 CVE Published
Feb 17, 2022 EPSS Score
Mar 8, 2022 EPSS Score
Apr 10, 2022 EPSS Score
Jun 1, 2022 EPSS Score
Jul 24, 2022 EPSS Score
Sep 14, 2022 EPSS Score
Nov 5, 2022 EPSS Score
Dec 27, 2022 EPSS Score
Mar 7, 2023 EPSS Score
Apr 11, 2023 EPSS Score
Jun 2, 2023 EPSS Score

References

The stack buffer overflow vulnerability leads to arbitrary code execution in UEFI DXE driver on multiple HP devices. advisory
The stack buffer overflow vulnerability leads to arbitrary code execution in UEFI DXE driver on multiple HP devices. advisory

Open in Interactive Console →