CVE-2022-23924 — Sensitive Information Exposure in HP PC Bios

3 documents3 sources
Severity
8.2HIGHNVD
EPSS
0.1%
top 80.82%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
HP PC BiosHP INC HP PC Bios
Timeline
PublishedMar 11
Latest updateMar 12

Description

Potential vulnerabilities have been identified in the system BIOS of certain HP PC products which may allow Escalation of Privilege, Arbitrary Code Execution, Unauthorized Code Execution, Denial of Service, and Information Disclosure.

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:HExploitability: 1.5 | Impact: 6.0

Affected Packages2 packages

â–¶NVDhp/pc_bios< 02.07.10
â–¶CVEListV5hp_inc/hp_pc_biosbefore 02.07.10 (S05, S15 BIOS)

🔴Vulnerability Details

2
GHSA
GHSA-5j3x-2xc7-9328: Potential vulnerabilities have been identified in the system BIOS of certain HP PC products which may allow Escalation of Privilege, Arbitrary Code Ex↗2022-03-12
â–¶
CVEList
CVE-2022-23924: Potential vulnerabilities have been identified in the system BIOS of certain HP PC products which may allow Escalation of Privilege, Arbitrary Code Ex↗2022-03-11
â–¶
CVE-2022-23924 — Sensitive Information Exposure in HP | cvebase