Vulnerability Description
A potential security vulnerability has been identified in certain HP Workstation BIOS (UEFI firmware) which may allow arbitrary code execution. HP is releasing firmware mitigations for the potential vulnerability.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Hp | Z1 All-In-One G3 Firmware | 01.31 |
| Hp | Z1 All-In-One G3 | - |
| Hp | Z2 Mini G3 Firmware | 01.83 |
| Hp | Z2 Mini G3 | - |
| Hp | Z2 Mini G4 Firmware | 01.08.01 |
| Hp | Z2 Mini G4 | - |
| Hp | Z2 Mini G5 Firmware | 01.03.00_rev_a |
| Hp | Z2 Mini G5 | - |
| Hp | Z2 Small Form Factor G4 Firmware | 01.08.01 |
| Hp | Z2 Small Form Factor G4 | - |
| Hp | Z2 Small Form Factor G5 Firmware | 01.03.00_rev_a |
| Hp | Z2 Small Form Factor G5 | - |
| Hp | Z2 Small Form Factor G8 Firmware | 01.03.00_rev_a |
| Hp | Z2 Small Form Factor G8 | - |
| Hp | Z2 Tower G4 Firmware | 01.08.01 |
| Hp | Z2 Tower G4 | - |
| Hp | Z2 Tower G5 Firmware | 01.03.00_rev_a |
| Hp | Z2 Tower G5 | - |
| Hp | Z2 Tower G8 Firmware | 01.03.00_rev_a |
| Hp | Z2 Tower G8 | - |
Related Weaknesses (CWE)
References
- https://support.hp.com/us-en/document/ish_5670997-5671021-16/hpsbhf03770Vendor Advisory
- https://support.hp.com/us-en/document/ish_5670997-5671021-16/hpsbhf03770Vendor Advisory
FAQ
What is CVE-2021-3661?
CVE-2021-3661 is a vulnerability with a CVSS score of 8.4 (HIGH). A potential security vulnerability has been identified in certain HP Workstation BIOS (UEFI firmware) which may allow arbitrary code execution. HP is releasing firmware mitigations for the potential v...
How severe is CVE-2021-3661?
CVE-2021-3661 has been rated HIGH with a CVSS base score of 8.4/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2021-3661?
Check the references section above for vendor advisories and patch information. Affected products include: Hp Z1 All-In-One G3 Firmware, Hp Z1 All-In-One G3, Hp Z2 Mini G3 Firmware, Hp Z2 Mini G3, Hp Z2 Mini G4 Firmware.