CVE-2022-31643

3 documents3 sources

Severity

5.5MEDIUM

EPSS

0.1%

top 75.12%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

HP Inc. HP PC Bios HP Dragonfly Folio G3 Firmware HP Elite Dragonfly G2 Firmware +89 more

Timeline

PublishedApr 28

Description

A potential security vulnerability has been identified in the system BIOS for certain HP PC products which may allow loss of integrity. HP is releasing firmware updates to mitigate the potential vulnerability.

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:NExploitability: 1.8 | Impact: 3.6

Affected Packages92 packages

▶CVEListV5hp_inc./hp_pc_biosSee HP Security Bulletin reference for affected versions.

▶NVDhp/elite_x2_g8_firmware01.10.00

▶NVDhp/z1_g8_tower_firmware02.09.01

▶NVDhp/z1_g9_tower_firmware02.05.01

▶NVDhp/engage_go_10_firmware01.10.00

🔴Vulnerability Details

CVEList

CVE-2022-31643: A potential security vulnerability has been identified in the system BIOS for certain HP PC products which may allow loss of integrity↗2023-04-28

▶

GHSA

GHSA-gxvj-mfhf-cr4q: A potential security vulnerability has been identified in the system BIOS for certain HP PC products which may allow loss of integrity↗2023-04-28

▶