Surface Pro 3 Firmware
CVE-2021-42299
MEDIUM
2021-10-20
secure@microsoft.com
5.6
CVSS 3.1 · Vendor: microsoft
Share
Severity by source
Vendor (microsoft)
PRIMARY
5.6
MEDIUM
AV:P/AC:H/PR:L/UI:N/S:C/C:L/I:H/A:N
Primary rating from Vendor (microsoft) · only source for this CVE.
CVSS VectorVendor: microsoft
CVSS:3.1/AV:P/AC:H/PR:L/UI:N/S:C/C:L/I:H/A:N
Attack Vector
Physical
Attack Complexity
High
Privileges Required
Low
User Interaction
None
Scope
Changed
Confidentiality
Low
Integrity
High
Availability
None
Lifecycle Timeline
1
CVE Published
Oct 20, 2021 - 22:15 cve.org
MEDIUM 5.6
DescriptionCVE.org
Microsoft Surface Pro 3 Security Feature Bypass Vulnerability
AnalysisAI
Microsoft Surface Pro 3 Security Feature Bypass Vulnerability. Rated medium severity (CVSS 5.6).
Technical ContextAI
Microsoft Surface Pro 3 Security Feature Bypass Vulnerability Affected products include: Microsoft Surface Pro 3 Firmware.
RemediationAI
A vendor patch is available. Apply the latest security update as soon as possible. Apply vendor patches when available. Implement network segmentation and monitoring as interim mitigations.
Same technique Authentication Bypass
View allShare
External POC / Exploit Code
Leaving vuln.today
Destination URL
POC code from unknown sources may be malicious, contain backdoors, or be fake.
Always review and test exploit code in a safe, isolated environment (VM/sandbox).
Verify the source reputation and cross-reference with known databases (Exploit-DB, GitHub Security).