CVE-2021-39298
Published: 16 February 2022
Summary
CVE-2021-39298 is a high-severity an unspecified weakness vulnerability in Hp Z4 G4 Workstation \(Core-X\) Firmware. Its CVSS base score is 8.8 (High).
Operationally, ranked at the 17.6th percentile by exploit likelihood (below the median); it is not currently listed in the CISA KEV catalog.
EU & UK References
- 🇪🇺 ENISA EUVD: EUVD-2021-25659
Vulnerability details
A potential vulnerability in AMD System Management Mode (SMM) interrupt handler may allow an attacker with high privileges to access the SMM resulting in arbitrary code execution which could be used by malicious actors to bypass security mechanisms provided in…
more
the UEFI firmware.
- CWE(s)
Related Threats
No named actor attribution yet. ATT&CK technique mapping in progress for this CVE.
Affected Assets
Mitigating Controls
No mitigating controls mapped yet. The per-CVE control annotator has not reached this CVE.