CVE-2021-22887
Severity Score
2.3
*CVSS v3.1
Exploit Likelihood
*EPSS
Affected Versions
*CPE
Public Exploits
0
*Multiple Sources
Exploited in Wild
-
*KEV
Decision
-
*SSVC
Descriptions
A vulnerability in the BIOS of Pulse Secure (PSA-Series Hardware) models PSA5000 and PSA7000 could allow an attacker to compromise BIOS firmware. This vulnerability can be exploited only as part of an attack chain. Before an attacker can compromise the BIOS, they must exploit the device.
Una vulnerabilidad en el BIOS de los modelos Pulse Secure (hardware de la serie PSA) PSA5000 y PSA7000, podrĂa permitir a un atacante comprometer el firmware del BIOS. Esta vulnerabilidad solo puede ser explotada como parte de una cadena de ataque. Antes de que un atacante pueda comprometer el BIOS, deben explotar el dispositivo
*Credits:
N/A
CVSS Scores
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability
Attack Vector
Attack Complexity
Authentication
Confidentiality
Integrity
Availability
* Common Vulnerability Scoring System
SSVC
- Decision:-
Exploitation
Automatable
Tech. Impact
* Organization's Worst-case Scenario
Timeline
- 2021-01-06 CVE Reserved
- 2021-03-16 CVE Published
- 2023-03-08 EPSS Updated
- 2024-08-03 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-506: Embedded Malicious Code
CAPEC
References (2)
| URL | Tag | Source |
|---|---|---|
| https://www.supermicro.com/en/support/security/Trickbot | Third Party Advisory |
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|---|---|
| https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44712 | 2021-03-22 |
| URL | Date | SRC |
|---|
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Pulsesecure Search vendor "Pulsesecure" | Psa-5000 Firmware Search vendor "Pulsesecure" for product "Psa-5000 Firmware" | - | - |
Affected
| in | Pulsesecure Search vendor "Pulsesecure" | Psa-5000 Search vendor "Pulsesecure" for product "Psa-5000" | - | - |
Safe
|
| Pulsesecure Search vendor "Pulsesecure" | Psa-7000 Firmware Search vendor "Pulsesecure" for product "Psa-7000 Firmware" | - | - |
Affected
| in | Pulsesecure Search vendor "Pulsesecure" | Psa-7000 Search vendor "Pulsesecure" for product "Psa-7000" | - | - |
Safe
|
| Supermicro Search vendor "Supermicro" | X10slh-f Firmware Search vendor "Supermicro" for product "X10slh-f Firmware" | < 3.4 Search vendor "Supermicro" for product "X10slh-f Firmware" and version " < 3.4" | - |
Affected
| in | Supermicro Search vendor "Supermicro" | X10slh-f Search vendor "Supermicro" for product "X10slh-f" | - | - |
Safe
|
| Supermicro Search vendor "Supermicro" | X10sll-f Firmware Search vendor "Supermicro" for product "X10sll-f Firmware" | < 3.4 Search vendor "Supermicro" for product "X10sll-f Firmware" and version " < 3.4" | - |
Affected
| in | Supermicro Search vendor "Supermicro" | X10sll-f Search vendor "Supermicro" for product "X10sll-f" | - | - |
Safe
|
| Supermicro Search vendor "Supermicro" | X10slm-f Firmware Search vendor "Supermicro" for product "X10slm-f Firmware" | < 3.4 Search vendor "Supermicro" for product "X10slm-f Firmware" and version " < 3.4" | - |
Affected
| in | Supermicro Search vendor "Supermicro" | X10slm-f Search vendor "Supermicro" for product "X10slm-f" | - | - |
Safe
|
| Supermicro Search vendor "Supermicro" | X10sll\+f Firmware Search vendor "Supermicro" for product "X10sll\+f Firmware" | < 3.4 Search vendor "Supermicro" for product "X10sll\+f Firmware" and version " < 3.4" | - |
Affected
| in | Supermicro Search vendor "Supermicro" | X10sll\+f Search vendor "Supermicro" for product "X10sll\+f" | - | - |
Safe
|
| Supermicro Search vendor "Supermicro" | X10slm\+-f Firmware Search vendor "Supermicro" for product "X10slm\+-f Firmware" | < 3.4 Search vendor "Supermicro" for product "X10slm\+-f Firmware" and version " < 3.4" | - |
Affected
| in | Supermicro Search vendor "Supermicro" | X10slm\+-f Search vendor "Supermicro" for product "X10slm\+-f" | - | - |
Safe
|
| Supermicro Search vendor "Supermicro" | X10slm\+ln4f Firmware Search vendor "Supermicro" for product "X10slm\+ln4f Firmware" | < 3.4 Search vendor "Supermicro" for product "X10slm\+ln4f Firmware" and version " < 3.4" | - |
Affected
| in | Supermicro Search vendor "Supermicro" | X10slm\+ln4f Search vendor "Supermicro" for product "X10slm\+ln4f" | - | - |
Safe
|
| Supermicro Search vendor "Supermicro" | X10sla-f Firmware Search vendor "Supermicro" for product "X10sla-f Firmware" | < 3.4 Search vendor "Supermicro" for product "X10sla-f Firmware" and version " < 3.4" | - |
Affected
| in | Supermicro Search vendor "Supermicro" | X10sla-f Search vendor "Supermicro" for product "X10sla-f" | - | - |
Safe
|
| Supermicro Search vendor "Supermicro" | X10sl7-f Firmware Search vendor "Supermicro" for product "X10sl7-f Firmware" | < 3.4 Search vendor "Supermicro" for product "X10sl7-f Firmware" and version " < 3.4" | - |
Affected
| in | Supermicro Search vendor "Supermicro" | X10sl7-f Search vendor "Supermicro" for product "X10sl7-f" | - | - |
Safe
|
| Supermicro Search vendor "Supermicro" | X10sll-s Firmware Search vendor "Supermicro" for product "X10sll-s Firmware" | < 3.4 Search vendor "Supermicro" for product "X10sll-s Firmware" and version " < 3.4" | - |
Affected
| in | Supermicro Search vendor "Supermicro" | X10sll-s Search vendor "Supermicro" for product "X10sll-s" | - | - |
Safe
|
| Supermicro Search vendor "Supermicro" | X10sll-sf Firmware Search vendor "Supermicro" for product "X10sll-sf Firmware" | < 3.4 Search vendor "Supermicro" for product "X10sll-sf Firmware" and version " < 3.4" | - |
Affected
| in | Supermicro Search vendor "Supermicro" | X10sll-sf Search vendor "Supermicro" for product "X10sll-sf" | - | - |
Safe
|