CVE-2022-23926 β€” Sensitive Information Exposure in HP PC Bios

5 documents4 sources
Severity
8.2HIGHNVD
EPSS
0.1%
top 80.82%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
HP PC BiosHP INC HP PC Bios
Timeline
PublishedMar 11
Latest updateOct 15

Description

Potential vulnerabilities have been identified in the system BIOS of certain HP PC products which may allow Escalation of Privilege, Arbitrary Code Execution, Unauthorized Code Execution, Denial of Service, and Information Disclosure.

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:HExploitability: 1.5 | Impact: 6.0

Affected Packages2 packages

β–ΆNVDhp/pc_bios< 02.07.10
β–ΆCVEListV5hp_inc/hp_pc_biosbefore 02.07.10 (S05, S15 BIOS)

πŸ”΄Vulnerability Details

2
GHSA
GHSA-6p7x-w879-f4hr: Potential vulnerabilities have been identified in the system BIOS of certain HP PC products which may allow Escalation of Privilege, Arbitrary Code Ex↗2022-03-12
β–Ά
CVEList
CVE-2022-23926: Potential vulnerabilities have been identified in the system BIOS of certain HP PC products which may allow Escalation of Privilege, Arbitrary Code Ex↗2022-03-11
β–Ά

πŸ“‹Vendor Advisories

2
Oracle
Oracle Oracle Siebel CRM Risk Matrix: Marketing (XMLBeans) β€” CVE-2021-23926β†—2022-10-15
β–Ά
Oracle
Oracle Oracle Fusion Middleware Risk Matrix: Thirdparty Patch (Apache XMLBeans) β€” CVE-2021-23926β†—2022-07-15
β–Ά
CVE-2022-23926 β€” Sensitive Information Exposure in HP | cvebase