CVE-2021-26943

HIGH

ASUS UX360CA BIOS <303 - Memory Corruption

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2021-26943. PoCs published by tandasat.

AI-analyzed exploit summary: This is a proof-of-concept exploit for CVE-2021-26943, targeting a vulnerability in System Management Mode (SMM) to achieve arbitrary code execution in SMRAM. The exploit patches the SMST->SmmLocateProtocol function pointer and triggers shellcode execution via SMI.

Description

The UX360CA BIOS through 303 on ASUS laptops allows an attacker (with the ring 0 privilege) to overwrite nearly arbitrary physical memory locations, including SMRAM, and execute arbitrary code in the SMM (issue 3 of 3).

Exploits (1)

nomisec WORKING POC 144 stars
by tandasat · poc
https://github.com/tandasat/SmmExploit

Classification: Working PoC 95%
Attack Type: LPE
Complexity: Complex
Reliability: Reliable
Target: UEFI firmware with vulnerable SMM implementation
No auth needed
Prerequisites: Physical memory access · Vulnerable SMM implementation
devstral-2 · analyzed Feb 16, 2026

References (2)

Core References
Exploit, Vendor Advisory x_refsource_confirm
https://www.asus.com/support/FAQ/1045541/
Exploit, Third Party Advisory x_refsource_misc
https://www.youtube.com/watch?v=1H3AfaVyeuk

Scores

CVSS v3 8.2
EPSS 0.0094
EPSS Percentile 56.4%
Attack Vector LOCAL
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H

Details

Status published
Products (1)
asus/ux360ca_bios < 304
Published Mar 31, 2021
Tracked Since Feb 18, 2026