HP Patches UEFI Vulnerabilities Affecting Over 200 Computers


HP released updates for two high-severity vulnerabilities in the UEFI firmware of more than 200 laptops, workstations, and other products on Wednesday.

CVE-2021-3808 and CVE-2021-3809 are the two vulnerabilities, which have a CVSS score of 8.8. HP credited Aruba Threat Labs’ Nicholas Starke and a researcher going by the online handle “yngweijw” with reporting the problems, but did not disclose technical details on either of the flaws. Read More…