Arbitrary Code Execution
Source: HP, HP Product Security Response Team (PSRT)
Reported By: Eclypsium, Inc.
note:The computers running Windows are vulnerable as long as they allow booting the vulnerable versions of GRUB2.
Reference
|
Base Vector
|
Base Score
|
CVE-2020-10713
|
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
|
8.2
|
CVE-2020-25647
|
CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
|
7.6
|
CVE-2020-14372
|
CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H
|
7.5
|
CVE-2020-25632
|
CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H
|
7.5
|
CVE-2020-27749
|
CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H
|
7.5
|
CVE-2020-27779
|
CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H
|
7.5
|
CVE-2021-20225
|
CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H
|
7.5
|
CVE-2021-20233
|
CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H
|
7.5
|
CVE-2020-14309
|
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
|
6.7
|
CVE-2020-14308
|
CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H
|
6.4
|
CVE-2020-15705
|
CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H
|
6.4
|
CVE-2020-15706
|
CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H
|
6.4
|
CVE-2020-15707
|
CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H
|
6.4
|
CVE-2021-3418
|
CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H
|
6.4
|
CVE-2020-14310
|
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:H
|
6.0
|
CVE-2020-14311
|
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:H
|
6.0
|
PI
|
HP Printing and Imaging
|
HF
|
HP Hardware and Firmware
|
GN
|
HP General Software
|