The vulnerability of UEFI (BIOS) software on desktop computers and personal computers manufactured by Hewlett-Packard Development Company L.P. stems from an operation that goes beyond the buffer boundaries in memory, allowing attackers to exploit their privileges.

🗓️ 17 Aug 2022 00:00:00Reported by FSTEC of Russia — Information Security Threat DatabaseType

bdu_fstec

bdu_fstec🔗 bdu.fstec.ru👁 1 Views

HP desktop and personal computer UEFI BIOS vulnerability allows privilege escalation via memory buffer overrun.

Reporter	Title	Published	Views	Family All 11
Circl	CVE-2022-27537	1 Feb 202312:13	–	circl
CNNVD	HP PC 安全漏洞	1 Feb 202300:00	–	cnnvd
CVE	CVE-2022-27537	30 Jan 202321:26	–	cve
Cvelist	CVE-2022-27537	30 Jan 202321:26	–	cvelist
EUVD	EUVD-2022-32038	3 Oct 202520:07	–	euvd
Hewlett-Packard	HP PC BIOS August 2022 Additional Updates for Potential SMM and TOCTOU Vulnerabilities	5 May 202300:00	–	hp
NVD	CVE-2022-27537	1 Feb 202307:15	–	nvd
OSV	CVE-2022-27537	1 Feb 202307:15	–	osv
Prion	Privilege escalation	1 Feb 202307:15	–	prion
RedhatCVE	CVE-2022-27537	7 Jan 202609:49	–	redhatcve

Vulners

Node

hp hp_elite_dragonfly_g2Range<01.10.00

OR

hp hp_elite_dragonfly_maxRange<01.10.00

OR

hp hp_elite_x2_g8_tabletRange<01.10.00

OR

hp hp_elitebook_830_g7Range<01.10.00

OR

hp hp_elitebook_830_g8Range<01.10.00

OR

hp hp_elitebook_835_g7Range<01.10.00

OR

hp hp_elitebook_835_g8Range<01.10.00

OR

hp hp_elitebook_840_aero_g8Range<01.10.00

OR

hp hp_elitebook_840_g7Range<01.10.00

OR

hp hp_elitebook_840_g8Range<01.10.00

OR

hp hp_elitebook_845_g7Range<01.10.00

OR

hp hp_elitebook_845_g8Range<01.10.00

OR

hp hp_elitebook_850_g7Range<01.10.00

OR

hp hp_elitebook_850_g8Range<01.10.00

OR

hp hp_elitebook_855_g7Range<01.10.00

OR

hp hp_elitebook_855_g8Range<01.10.00

OR

hp hp_elitebook_x360_1030_g7Range<01.10.00

OR

hp hp_elitebook_x360_1030_g8Range<01.10.00

OR

hp hp_elitebook_x360_1040_g7Range<01.10.00

OR

hp hp_elitebook_x360_1040_g8Range<01.10.00

OR

hp hp_elitebook_x360_830_g7Range<01.10.00

OR

hp hp_elitebook_x360_830_g8Range<01.10.00

OR

hp hp_probook_430_g8Range<01.10.00

OR

hp hp_probook_440_g8Range<01.10.00

OR

hp hp_probook_445_g8Range<01.10.00

OR

hp hp_probook_450_g8Range<01.10.00

OR

hp hp_probook_630_g8Range<01.10.00

OR

hp hp_probook_635_aero_g8Range<01.10.00

OR

hp hp_probook_640_g7Range<01.10.00

OR

hp hp_probook_640_g8Range<01.10.00

OR

hp hp_probook_650_g7Range<01.10.00

OR

hp hp_probook_650_g8Range<01.10.00

OR

hp hp_probook_x360_11_g7_eeRange<01.10.00

OR

hp hp_probook_x360_435_g8_notebook_pcRange<01.10.00

OR

hp hp_zbook_create_g7Range<01.10.00

OR

hp hp_zbook_firefly_14_g7Range<01.10.00

OR

hp hp_zbook_firefly_14_inch_g8_mobile_workstation_pcRange<01.10.00

OR

hp hp_zbook_firefly_15_g7Range<01.10.00

OR

hp hp_zbook_firefly_15.6_inch_g8_mobile_workstation_pcRange<01.10.00

OR

hp hp_zbook_fury_15_g7Range<01.10.00

OR

hp hp_zbook_fury_15.6_inch_g8_mobile_workstation_pcRange<01.10.00

OR

hp hp_zbook_fury_17_g7Range<01.10.00

OR

hp hp_zbook_fury_17.3_inch_g8_mobile_workstation_pcRange<01.10.00

OR

hp hp_zbook_power_15.6_inch_g8_mobile_workstation_pcRange<01.10.00

OR

hp hp_zbook_power_g7Range<01.10.00

OR

hp hp_zbook_studio_15.6_inch_g8_mobile_workstation_pcRange<01.10.00

OR

hp hp_zbook_studio_g7Range<01.10.00

OR

hp hp_zhan_66_pro_14_g4_notebook_pcRange<01.10.00

OR

hp hp_zhan_66_pro_a_14_g4_notebook_pcRange<01.10.00

Source	Link
support	www.support.hp.com/us-en/document/ish_6664419-6664458-16/hpsbhf03806
web	www.web.nvd.nist.gov/view/vuln/detail

17 Aug 2022 00:00Current

7.5High risk

Vulners AI Score7.5

CVSS 26

CVSS 37.8

EPSS0.00201

Hewlett Packard Firmware Interface Memory buffer overrun Privilege escalation Desktop computers Personal computers