Lucene search

K
cve[email protected]CVE-2022-23927
HistoryMar 11, 2022 - 6:15 p.m.

CVE-2022-23927

2022-03-1118:15:33
web.nvd.nist.gov
72
hp
pc
bios
vulnerabilities
escalation of privilege
arbitrary code execution
unauthorized code execution
denial of service
information disclosure
nvd
cve-2022-23927

7.2 High

CVSS2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

8.2 High

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

HIGH

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H

8.4 High

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

12.6%

Potential vulnerabilities have been identified in the system BIOS of certain HP PC products which may allow Escalation of Privilege, Arbitrary Code Execution, Unauthorized Code Execution, Denial of Service, and Information Disclosure.

Affected configurations

NVD
Node
hppc_biosRange<02.07.10
CPENameOperatorVersion
hp:pc_bioshp pc bioslt02.07.10

CNA Affected

[
  {
    "product": "HP PC BIOS",
    "vendor": "n/a",
    "versions": [
      {
        "status": "affected",
        "version": "before 02.07.10 (S05, S15 BIOS)"
      }
    ]
  }
]

7.2 High

CVSS2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

8.2 High

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

HIGH

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H

8.4 High

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

12.6%

Related for CVE-2022-23927