{"dataType":"CVE_RECORD","dataVersion":"5.1","cveMetadata":{"cveId":"CVE-2021-3809","assignerOrgId":"74586083-13ce-40fd-b46a-8e5d23cfbcb2","state":"PUBLISHED","assignerShortName":"hp","dateReserved":"2021-09-16T17:39:00.913Z","datePublished":"2023-01-30T20:53:00.162Z","dateUpdated":"2025-03-27T19:00:42.865Z"},"containers":{"cna":{"descriptions":[{"lang":"en","value":"Potential security vulnerabilities have been identified in the BIOS (UEFI Firmware) for certain HP PC products, which might allow arbitrary code execution. HP is releasing firmware updates to mitigate these potential vulnerabilities."}],"affected":[{"versions":[{"version":"See HP Security Bulletin reference for affected versions.","status":"affected"}],"product":"HP PC BIOS","vendor":"HP Inc."}],"references":[{"url":"https://support.hp.com/us-en/document/ish_6184733-6184761-16/hpsbhf03788"}],"providerMetadata":{"orgId":"74586083-13ce-40fd-b46a-8e5d23cfbcb2","shortName":"hp","dateUpdated":"2023-02-01T06:15:59.102Z"},"x_generator":{"engine":"cveClient/1.0.13"},"problemTypes":[{"descriptions":[{"description":"n/a","lang":"en","type":"text"}]}]},"adp":[{"providerMetadata":{"orgId":"af854a3a-2127-422b-91ae-364da2661108","shortName":"CVE","dateUpdated":"2024-08-03T17:09:09.559Z"},"title":"CVE Program Container","references":[{"url":"https://support.hp.com/us-en/document/ish_6184733-6184761-16/hpsbhf03788","tags":["x_transferred"]}]},{"problemTypes":[{"descriptions":[{"type":"CWE","cweId":"CWE-269","lang":"en","description":"CWE-269 Improper Privilege Management"}]}],"metrics":[{"cvssV3_1":{"scope":"UNCHANGED","version":"3.1","baseScore":7.8,"attackVector":"LOCAL","baseSeverity":"HIGH","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","integrityImpact":"HIGH","userInteraction":"NONE","attackComplexity":"LOW","availabilityImpact":"HIGH","privilegesRequired":"LOW","confidentialityImpact":"HIGH"}},{"other":{"type":"ssvc","content":{"timestamp":"2025-03-27T19:00:39.757642Z","id":"CVE-2021-3809","options":[{"Exploitation":"none"},{"Automatable":"no"},{"Technical Impact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}}],"title":"CISA ADP Vulnrichment","providerMetadata":{"orgId":"134c704f-9b21-4f2e-91b3-4a467353bcc0","shortName":"CISA-ADP","dateUpdated":"2025-03-27T19:00:42.865Z"}}]}}