A total of 16 CVE identifiers have been assigned to the vulnerabilities, which have been described as stack overflow, heap overflow, and memory corruption bugs affecting the UEFI Runtime Driver eXecution Environment (DXE) and System Management Mode (SMM) components. All of these security holes have been assigned “high severity” ratings.
The flaws affect a wide range of enterprise products made by HP, including desktop, laptop, point-of-sale, and edge computing devices.