CVE-2021-26943

Published: Mar 31, 2021Modified: Nov 21, 2024

8.2

Vector

CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H

Exploitability: 1.5 / Impact: 6.0

Source: NVD

Description

The UX360CA BIOS through 303 on ASUS laptops allow an attacker (with the ring 0 privilege) to overwrite nearly arbitrary physical memory locations, including SMRAM, and execute arbitrary code in the SMM (issue 3 of 3).

Affected (1)

Products: Asus: Ux360ca Bios

Asus

1 product

Ux360ca Bios

Configuration A

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Asus Ux360ca Bios	Before 304

Running on/with	Platform Versions
Asus Ux360ca	All versions

References (4)

https://www.asus.com/support/FAQ/1045541/

Source: cve@mitre.org

ExploitVendor Advisory

https://www.youtube.com/watch?v=1H3AfaVyeuk

Source: cve@mitre.org

ExploitThird Party Advisory

https://www.asus.com/support/FAQ/1045541/

Source: af854a3a-2127-422b-91ae-364da2661108

ExploitVendor Advisory

https://www.youtube.com/watch?v=1H3AfaVyeuk

Source: af854a3a-2127-422b-91ae-364da2661108

ExploitThird Party Advisory

Timeline

No history available yet.