CVE-2021-22887
First published: Tue Mar 16 2021(Updated: )
A vulnerability in the BIOS of Pulse Secure (PSA-Series Hardware) models PSA5000 and PSA7000 could allow an attacker to compromise BIOS firmware. This vulnerability can be exploited only as part of an attack chain. Before an attacker can compromise the BIOS, they must exploit the device.
Credit: support@hackerone.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Pulsesecure Psa-5000 Firmware | ||
| Pulsesecure Psa-5000 | ||
| Pulsesecure Psa-7000 Firmware | ||
| Pulsesecure Psa-7000 | ||
| Supermicro X10slh-f Firmware | <3.4 | |
| Supermicro X10slh-f | ||
| Supermicro X10sll-f Firmware | <3.4 | |
| Supermicro X10sll-f | ||
| Supermicro X10slm-f Firmware | <3.4 | |
| Supermicro X10slm-f | ||
| Supermicro X10sll\+f Firmware | <3.4 | |
| Supermicro X10sll\+f | ||
| Supermicro X10slm\+-f Firmware | <3.4 | |
| Supermicro X10slm\+-f | ||
| Supermicro X10slm\+ln4f Firmware | <3.4 | |
| Supermicro X10slm\+ln4f | ||
| Supermicro X10sla-f Firmware | <3.4 | |
| Supermicro X10sla-f | ||
| Supermicro X10sl7-f Firmware | <3.4 | |
| Supermicro X10sl7-f | ||
| Supermicro X10sll-s Firmware | <3.4 | |
| Supermicro X10sll-s | ||
| Supermicro X10sll-sf Firmware | <3.4 | |
| Supermicro X10sll-sf |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the vulnerability ID for this Pulse Secure BIOS vulnerability?
The vulnerability ID for this Pulse Secure BIOS vulnerability is CVE-2021-22887.
What is the severity level of CVE-2021-22887?
CVE-2021-22887 has a severity level of low with a CVSS score of 2.3.
Which hardware models are affected by this vulnerability?
The Pulse Secure (PSA-Series Hardware) models PSA5000 and PSA7000 are affected by this vulnerability.
What is the impact of this vulnerability?
This vulnerability could allow an attacker to compromise the BIOS firmware of affected Pulse Secure devices.
How can this vulnerability be exploited?
This vulnerability can be exploited as part of an attack chain, and the attacker must first exploit the device before compromising the BIOS.
- collector/nvd-index
- vendor/pulsesecure
- canonical/pulsesecure psa-5000 firmware
- canonical/pulsesecure psa-5000
- canonical/pulsesecure psa-7000 firmware
- canonical/pulsesecure psa-7000
- vendor/supermicro
- canonical/supermicro x10slh-f firmware
- canonical/supermicro x10slh-f
- canonical/supermicro x10sll-f firmware
- canonical/supermicro x10sll-f
- canonical/supermicro x10slm-f firmware
- canonical/supermicro x10slm-f
- canonical/supermicro x10sll\+f firmware
- canonical/supermicro x10sll\+f
- canonical/supermicro x10slm\+-f firmware
- canonical/supermicro x10slm\+-f
- canonical/supermicro x10slm\+ln4f firmware
- canonical/supermicro x10slm\+ln4f
- canonical/supermicro x10sla-f firmware
- canonical/supermicro x10sla-f
- canonical/supermicro x10sl7-f firmware
- canonical/supermicro x10sl7-f
- canonical/supermicro x10sll-s firmware
- canonical/supermicro x10sll-s
- canonical/supermicro x10sll-sf firmware
- canonical/supermicro x10sll-sf