cbcvebase.
CVE-2022-27540
published 2024-06-28

CVE-2022-27540: A potential Time-of-Check to Time-of Use (TOCTOU) vulnerability has been identified in the HP BIOS for certain HP PC products, which might allow arbitrary code…

high7.8CVSS 3.1
AVLACHPRLUINSCCHIHAH
A potential Time-of-Check to Time-of Use (TOCTOU) vulnerability has been identified in the HP BIOS for certain HP PC products, which might allow arbitrary code execution, denial of service, and information disclosure. HP is releasing BIOS updates to mitigate the potential vulnerability.

Affected

355 ranges· showing 25
VendorProductVersion rangeFixed in
hpdragonfly_folio_13.5_inch_g3_2-in-1_notebook_pc_firmware< 01.07.0001.07.00
hpelite_dragonfly_13.5_inch_g3_notebook_pc_firmware< 01.07.0001.07.00
hpelite_dragonfly_firmware< 01.26.0001.26.00
hpelite_dragonfly_g2_firmware< 01.11.0001.11.00
hpelite_dragonfly_max_firmware< 01.11.0001.11.00
hpelite_mini_600_g9_desktop_pc_firmware< 02.10.0402.10.04
hpelite_mini_800_g9_desktop_pc_firmware< 02.10.0402.10.04
hpelite_mt645_g7_mobile_thin_client_firmware< 01.10.0101.10.01
hpelite_sff_600_g9_desktop_pc_firmware< 02.10.0502.10.05
hpelite_sff_800_g9_desktop_pc_firmware< 02.10.0502.10.05
hpelite_slice_g2_audio_ready_with_zoom_rooms_firmware< 2.642.64
hpelite_slice_g2_partner_ready_with_microsoft_teams_rooms_firmware< 2.642.64
hpelite_slice_g2_with_intel_unite_firmware< 2.642.64
hpelite_slice_g2_with_microsoft_teams_rooms_firmware< 2.642.64
hpelite_slice_g2_with_zoom_rooms_firmware< 2.642.64
hpelite_tower_600_g9_desktop_pc_firmware< 02.10.0502.10.05
hpelite_tower_680_g9_desktop_pc_firmware< 02.10.0502.10.05
hpelite_tower_800_g9_desktop_pc_firmware< 02.10.0502.10.05
hpelite_tower_880_g9_desktop_pc_firmware< 02.10.0502.10.05
hpelite_x2_1012_g1_firmware< 1.61.6
hpelite_x2_1012_g1_tablet_firmware
hpelite_x2_1012_g1_tablet_with_travel_keyboard_firmware
hpelite_x2_1012_g2_firmware
hpelite_x2_1013_g3_firmware
hpelite_x2_g4_firmware