The two vulnerabilities are tracked as CVE-2021-3808 and CVE-2021-3809 and have a CVSS score of 8.8. HP has credited Nicholas Starke of Aruba Threat Labs and a researcher who uses the online moniker “yngweijw” for reporting these bugs, but did not provide technical information on either of the flaws.
However, the company did share a list of impacted products, which includes numerous business notebooks and desktop PCs, as well as desktop workstations, retail point-of-sale devices, and thin client PCs.
