CVE-2022-31642

CWE-3673 documents3 sources

Severity

7.0HIGH

EPSS

0.1%

top 67.81%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

292

HP Elite Dragonfly Firmware HP Elite Dragonfly G2 Firmware HP Elite Dragonfly G3 Firmware +289 more

Timeline

PublishedJun 14

Description

Potential vulnerabilities have been identified in the system BIOS of certain HP PC products, which might allow arbitrary code execution, escalation of privilege, denial of service, and information disclosure.

CVSS vector

CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:HExploitability: 1.0 | Impact: 5.9

Affected Packages292 packages

▶NVDhp/mp9_g4_retail_system_firmware< 02.20.01

▶NVDhp/rp9_g1_retail_system_firmware< 00.02.58

▶NVDhp/engage_go_mobile_system_firmware< 01.21.01

▶NVDhp/engage_one_pro_aio_system_firmware< 02.12.01

▶NVDhp/engage_go_10_mobile_system_firmware< 01.10.00

🔴Vulnerability Details

CVEList

CVE-2022-31642: Potential vulnerabilities have been identified in the system BIOS of certain HP PC products, which might allow arbitrary code execution, escalation of↗2023-06-14

▶

GHSA

GHSA-2xg5-79q2-hw57: Potential vulnerabilities have been identified in the system BIOS of certain HP PC products, which might allow arbitrary code execution, escalation of↗2023-06-14

▶