Vulnerability Database

328,409

Total vulnerabilities in the database

CVE-2021-3809

Potential security vulnerabilities have been identified in the BIOS (UEFI Firmware) for certain HP PC products, which might allow arbitrary code execution. HP is releasing firmware updates to mitigate these potential vulnerabilities.

  • Published: Feb 1, 2023
  • Updated: Nov 16, 2025
  • CVE: CVE-2021-3809
  • Severity: High
  • Exploit:

CVSS v3:

  • Severity: High
  • Score: 7.8
  • AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CWEs:

Software From Fixed in
hp / elite_dragonfly_firmware 01.12.00 01.12.00.x
hp / elite_x2_1012_g2_firmware 1.41 1.41.x
hp / elite_x2_1013_g3_firmware 01.19.00 01.19.00.x
hp / elite_x2_g4_firmware 01.12.00 01.12.00.x
hp / elitebook_1040_g4_firmware 1.41 1.41.x
hp / elitebook_1050_g1_firmware 01.19.00 01.19.00.x
hp / elitebook_725_g4_firmware 1.4 1.4.x
hp / elitebook_735_g5_firmware 01.20.00 01.20.00.x
hp / elitebook_735_g6_firmware 01.19.00 01.19.00.x
hp / elitebook_745_g4_firmware 1.4 1.4.x
hp / elitebook_745_g5_firmware 01.20.00 01.20.00.x
hp / elitebook_745_g6_firmware 01.19.00 01.19.00.x
hp / elitebook_755_g4_firmware 1.4 1.4.x
hp / elitebook_755_g5_firmware 01.20.00 01.20.00.x
hp / elitebook_820_g4_firmware 1.41 1.41.x
hp / elitebook_828_g4_firmware 1.41 1.41.x
hp / elitebook_830_g5_firmware 01.19.00 01.19.00.x
hp / elitebook_830_g6_firmware 01.12.00 01.12.00.x
hp / elitebook_836_g5_firmware 01.19.00 01.19.00.x
hp / elitebook_836_g6_firmware 01.12.00 01.12.00.x
hp / elitebook_840_g4_firmware 1.41 1.41.x
hp / elitebook_840_g5_firmware 01.19.00 01.19.00.x
hp / elitebook_840_g6_firmware 01.12.00 01.12.00.x
hp / elitebook_840r_g4_firmware 01.19.00 01.19.00.x
hp / elitebook_846_g5_firmware 01.19.00 01.19.00.x
hp / elitebook_848_g4_firmware 1.41 1.41.x
hp / elitebook_850_g4_firmware 1.41 1.41.x
hp / elitebook_850_g5_firmware 01.19.00 01.19.00.x
hp / elitebook_850_g6_firmware 01.12.00 01.12.00.x
hp / elitebook_x360_1020_g2_firmware 1.41 1.41.x
hp / elitebook_x360_1030_g2_firmware 1.41 1.41.x
hp / elitebook_x360_1030_g3_firmware 01.19.00 01.19.00.x
hp / elitebook_x360_1030_g4_firmware 01.12.00 01.12.00.x
hp / elitebook_x360_1040_g5_firmware 01.19.00 01.19.00.x
hp / elitebook_x360_1040_g6_firmware 01.12.00 01.12.00.x
hp / elitebook_x360_830_g5_firmware 01.19.00 01.19.00.x
hp / elitebook_x360_830_g6_firmware 01.12.00 01.12.00.x
hp / pro_x2_612_g2_firmware 1.41 1.41.x
hp / probook_11_ee_g2_firmware 1.55 1.55.x
hp / probook_430_g4_firmware 1.41 1.41.x
hp / probook_430_g5_firmware 01.20.00 01.20.00.x
hp / probook_430_g6_firmware 01.19.00 01.19.00.x
hp / probook_440_g4_firmware 1.41 1.41.x
hp / probook_440_g5_firmware 01.20.00 01.20.00.x
hp / probook_440_g6_firmware 01.19.00 01.19.00.x
hp / probook_445_g6_firmware 01.19.00 01.19.00.x
hp / probook_445r_g6_firmware 01.19.00 01.19.00.x
hp / probook_450_g4_firmware 1.41 1.41.x
hp / probook_450_g5_firmware 01.20.00 01.20.00.x
hp / probook_450_g6_firmware 01.19.00 01.19.00.x
hp / probook_455_g4_firmware 1.4 1.4.x
hp / probook_455_g5_firmware 01.20.00 01.20.00.x
hp / probook_455_g6_firmware 01.19.00 01.19.00.x
hp / probook_455r_g6_firmware 01.19.00 01.19.00.x
hp / probook_470_g4_firmware 1.41 1.41.x
hp / probook_470_g5_firmware 01.20.00 01.20.00.x
hp / probook_640_g3_firmware 1.41 1.41.x
hp / probook_640_g4_firmware 01.20.00 01.20.00.x
hp / probook_640_g5_firmware 01.12.00 01.12.00.x
hp / probook_645_g3_firmware 1.4 1.4.x
hp / probook_645_g4_firmware 01.20.00 01.20.00.x
hp / probook_650_g3_firmware 1.41 1.41.x
hp / probook_650_g4_firmware 01.20.00 01.20.00.x
hp / probook_650_g5_firmware 01.12.00 01.12.00.x
hp / probook_655_g3_firmware 1.4 1.4.x
hp / probook_x360_11_g2_ee_firmware 1.43 1.43.x
hp / probook_x360_11_g3_ee_firmware 01.17.00 01.17.00.x
hp / probook_x360_11_g4_ee_firmware 01.13.00 01.13.00.x
hp / probook_x360_440_g1_firmware 01.19.00 01.19.00.x
hp / zbook_14u_g4_firmware 1.41 1.41.x
hp / zbook_14u_g5_firmware 01.19.00 01.19.00.x
hp / zbook_14u_g6_firmware 01.12.00 01.12.00.x
hp / zbook_15_g4_firmware 1.41 1.41.x
hp / zbook_15_g5_firmware 01.19.00 01.19.00.x
hp / zbook_15_g6_firmware 01.12.00 01.12.00.x
hp / zbook_15u_g4_firmware 1.41 1.41.x
hp / zbook_15u_g5_firmware 01.19.00 01.19.00.x
hp / zbook_15u_g6_firmware 01.12.00 01.12.00.x
hp / zbook_17_g4_firmware 1.41 1.41.x
hp / zbook_17_g5_firmware 01.19.00 01.19.00.x
hp / zbook_17_g6_firmware 01.12.00 01.12.00.x
hp / zbook_studio_g4_firmware 1.41 1.41.x
hp / zbook_studio_g5_firmware 01.19.00 01.19.00.x
hp / zbook_studio_x360_g5_firmware 01.19.00 01.19.00.x
hp / zbook_x2_g4_firmware 1.41 1.41.x
hp / zhan_66_pro_13_g2_firmware 01.19.00 01.19.00.x
hp / zhan_66_pro_14_g2_firmware 01.19.00 01.19.00.x
hp / zhan_66_pro_15_g2_firmware 01.19.00 01.19.00.x
hp / zhan_66_pro_g1_firmware 01.20.00 01.20.00.x
hp / zhan_x_13_g2_firmware 01.12.00 01.12.00.x
hp / hp_z1_all-in-one_g3_firmware 1.31 1.31.x
hp / hp_z1_entry_tower_g5_firmware 02.11.00 02.11.00.x
hp / hp_z2_mini_g3_firmware 1.83 1.83.x
hp / hp_z2_mini_g4_firmware 01.08.01 01.08.01.x
hp / hp_z2_mini_g5_firmware 01.04.02 01.04.02.x
hp / hp_z2_small_form_factor_g4_firmware 01.08.01 01.08.01.x
hp / hp_z2_small_form_factor_g5_firmware 01.04.02 01.04.02.x
hp / hp_z2_tower_g4_firmware 01.08.01 01.08.01.x
hp / hp_z2_tower_g5_firmware 01.04.02 01.04.02.x
hp / hp_z238_microtower_firmware 1.83 1.83.x
hp / hp_z240_small_form_factor_firmware 1.83 1.83.x
hp / hp_z240_tower_firmware 1.83 1.83.x
hp / hp_mt21_mobile_thin_client_firmware 01.21.01 01.21.01.x
hp / hp_mt31_mobile_thin_client_firmware 01.21.01 01.21.01.x
hp / hp_mt44_mobile_thin_client_firmware 01.21.01 01.21.01.x
hp / hp_mt45_mobile_thin_client_firmware 01.21.01 01.21.01.x
hp / elite_slice_firmware 2.55 2.55.x
hp / elite_slice_g2_firmware 2.55 2.55.x
hp / elitedesk_705_g3_desktop_mini_pc_firmware 2.38 2.38.x
hp / elitedesk_705_g3_microtower_pc_firmware 2.38 2.38.x
hp / elitedesk_705_g3_small_form_factor_pc_firmware 2.38 2.38.x
hp / elitedesk_705_g4_desktop_mini_pc_firmware 02.17.00 02.17.00.x
hp / elitedesk_705_g4_microtower_pc_firmware 02.17.00 02.17.00.x
hp / elitedesk_705_g4_small_form_factor_pc_firmware 02.12.00 02.12.00.x
hp / elitedesk_705_g4_workstation_firmware 02.17.00 02.17.00.x
hp / elitedesk_705_g5_desktop_mini_pc_firmware 02.11.00 02.11.00.x
hp / elitedesk_705_g5_small_form_factor_pc_firmware 02.11.00 02.11.00.x
hp / elitedesk_800_35w_g3_desktop_mini_pc_firmware 2.4 2.4.x
hp / elitedesk_800_35w_g4_desktop_mini_pc_firmware 02.18.00 02.18.00.x
hp / elitedesk_800_65w_g3_desktop_mini_pc_firmware 2.4 2.4.x
hp / elitedesk_800_65w_g4_desktop_mini_pc_firmware 02.18.00 02.18.00.x
hp / elitedesk_800_95w_g4_desktop_mini_pc_firmware 02.18.00 02.18.00.x
hp / elitedesk_800_g3_small_form_factor_pc_firmware 2.4 2.4.x
hp / elitedesk_800_g3_tower_pc_firmware 2.4 2.4.x
hp / elitedesk_800_g4_small_form_factor_pc_firmware 02.17.00 02.17.00.x
hp / elitedesk_800_g4_tower_pc_firmware 02.17.00 02.17.00.x
hp / elitedesk_800_g4_workstation_firmware 02.17.00 02.17.00.x
hp / elitedesk_800_g5_desktop_mini_pc_firmware 02.11.00 02.11.00.x
hp / elitedesk_800_g5_small_form_factor_pc_firmware 02.11.00 02.11.00.x
hp / elitedesk_800_g5_tower_pc_firmware 02.11.00 02.11.00.x
hp / elitedesk_880_g3_tower_pc_firmware 2.4 2.4.x
hp / elitedesk_880_g4_tower_pc_firmware 02.17.00 02.17.00.x
hp / elitedesk_880_g5_tower_pc_firmware 02.11.00 02.11.00.x
hp / eliteone_1000_g1_23.8-in_all-in-one_business_pc_firmware 2.4 2.4.x
hp / eliteone_1000_g2_23.8-in_all-in-one_business_pc_firmware 02.18.00 02.18.00.x
hp / eliteone_800_g3_23.8_non-touch_all-in-one_business_pc_firmware 2.4 2.4.x
hp / eliteone_800_g4_23.8-in_all-in-one_business_pc_firmware 02.18.00 02.18.00.x
hp / eliteone_800_g5_23.8-in_all-in-one_firmware 2.11.01 2.11.01.x
hp / prodesk_400_g3_desktop_mini_pc_firmware 2.4 2.4.x
hp / prodesk_400_g4_desktop_mini_pc_firmware 02.18.00 02.18.00.x
hp / prodesk_400_g4_microtower_pc_firmware 2.4 2.4.x
hp / prodesk_400_g4_small_form_factor_pc_firmware 2.4 2.4.x
hp / prodesk_400_g5_desktop_mini_pc_firmware 02.11.00 02.11.00.x
hp / prodesk_400_g5_microtower_pc_firmware 02.17.00 02.17.00.x
hp / prodesk_400_g5_small_form_factor_pc_firmware 2.17 2.17.x
hp / prodesk_400_g6_microtower_pc_firmware 02.11.00 02.11.00.x
hp / prodesk_400_g6_small_form_factor_pc_firmware 02.11.00 02.11.00.x
hp / prodesk_405_g4_desktop_mini_pc_firmware 02.17.00 02.17.00.x
hp / prodesk_405_g4_small_form_factor_pc_firmware 02.12.00 02.12.00.x
hp / prodesk_480_g4_microtower_pc_firmware 2.4 2.4.x
hp / prodesk_480_g5_microtower_pc_firmware 02.17.00 02.17.00.x
hp / prodesk_480_g6_microtower_pc_firmware 02.11.00 02.11.00.x
hp / prodesk_600_g3_desktop_mini_pc_firmware 2.4 2.4.x
hp / prodesk_600_g3_microtower_pc_firmware 2.4 2.4.x
hp / prodesk_600_g3_small_form_factor_pc_firmware 2.4 2.4.x
hp / prodesk_600_g4_desktop_mini_pc_firmware 02.18.00 02.18.00.x
hp / prodesk_600_g4_microtower_pc_firmware 02.17.00 02.17.00.x
hp / prodesk_600_g4_small_form_factor_pc_firmware 02.18.00 02.18.00.x
hp / prodesk_600_g5_desktop_mini_pc_firmware 02.11.00 02.11.00.x
hp / prodesk_600_g5_microtower_pc_firmware 02.11.00 02.11.00.x
hp / prodesk_600_g5_small_form_factor_pc_firmware 02.11.00 02.11.00.x
hp / prodesk_680_g3_microtower_pc_firmware 2.4 2.4.x
hp / prodesk_680_g4_microtower_pc_firmware 02.17.00 02.17.00.x
hp / proone_400_g3_20-inch_non-touch_all-in-one_pc_firmware 2.4 2.4.x
hp / proone_400_g3_20-inch_touch_all-in-one_pc_firmware 2.4 2.4.x
hp / proone_400_g4_20-inch_non-touch_all-in-one_business_pc_firmware 02.17.00 02.17.00.x
hp / proone_400_g4_23.8-inch_non-touch_all-in-one_business_pc_firmware 02.17.00 02.17.00.x
hp / proone_400_g5_20-inch_all-in-one_business_pc_firmware 02.11.01 02.11.01.x
hp / proone_400_g5_23.8-inch_all-in-one_business_pc_firmware 02.11.01 02.11.01.x
hp / proone_440_g4_23.8-inch_non-touch_all-in-one_business_pc_firmware 02.17.00 02.17.00.x
hp / proone_440_g5_23.8-in_all-in-one_business_pc_firmware 02.11.01 02.11.01.x
hp / proone_480_g3_20-inch_non-touch_all-in_one_pc_firmware 2.4 2.4.x
hp / proone_600_g3_21.5-inch_non-touch_all-in-one_pc_firmware 2.4 2.4.x
hp / proone_600_g4_21.5-inch_touch_all-in-one_business_pc_firmware 02.17.00 02.17.00.x
hp / proone_600_g5_21.5-in_all-in-one_business_pc_firmware 02.11.01 02.11.01.x
hp / engage_flex_pro_retail_system_firmware 02.17.00 02.17.00.x
hp / engage_flex_pro-c_retail_system_firmware 02.17.00 02.17.00.x
hp / engage_go_10_mobile_system_firmware 01.08.00 01.08.00.x
hp / engage_go_mobile_system_firmware 01.19.00 01.19.00.x
hp / engage_one_aio_system_firmware 02.40.00 02.40.00.x
hp / mp9_g4_retail_system_firmware 02.17.00 02.17.00.x

Frequently Asked Questions

A security vulnerability is a weakness in software, hardware, or configuration that can be exploited to compromise confidentiality, integrity, or availability. Many vulnerabilities are tracked as CVEs (Common Vulnerabilities and Exposures), which provide a standardized identifier so teams can coordinate patching, mitigation, and risk assessment across tools and vendors.

CVSS (Common Vulnerability Scoring System) estimates technical severity, but it doesn't automatically equal business risk. Prioritize using context like internet exposure, affected asset criticality, known exploitation (proof-of-concept or in-the-wild), and whether compensating controls exist. A "Medium" CVSS on an exposed, production system can be more urgent than a "Critical" on an isolated, non-production host.

A vulnerability is the underlying weakness. An exploit is the method or code used to take advantage of it. A zero-day is a vulnerability that is unknown to the vendor or has no publicly available fix when attackers begin using it. In practice, risk increases sharply when exploitation becomes reliable or widespread.

Recurring findings usually come from incomplete Asset Discovery, inconsistent patch management, inherited images, and configuration drift. In modern environments, you also need to watch the software supply chain: dependencies, containers, build pipelines, and third-party services can reintroduce the same weakness even after you patch a single host. Unknown or unmanaged assets (often called Shadow IT) are a common reason the same issues resurface.

Use a simple, repeatable triage model: focus first on externally exposed assets, high-value systems (identity, VPN, email, production), vulnerabilities with known exploits, and issues that enable remote code execution or privilege escalation. Then enforce patch SLAs and track progress using consistent metrics so remediation is steady, not reactive.

SynScan combines attack surface monitoring and continuous security auditing to keep your inventory current, flag high-impact vulnerabilities early, and help you turn raw findings into a practical remediation plan.