Lucene search

HpCVE-2022-37019

HistoryJun 10, 2024 - 11:15 p.m.

CVE-2022-37019

2024-06-1023:15:49

web.nvd.nist.gov

bios

vulnerabilities

firmware

updates

mitigation

CVSS3

6.8

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

HIGH

Availability Impact

LOW

CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:L

AI Score

7.7

Confidence

Low

EPSS

Percentile

9.0%

JSON

Potential vulnerabilities have been identified in the system BIOS for certain HP PC products which may allow escalation of privileges and code execution. HP is releasing firmware updates to mitigate the potential vulnerabilities.

CNA Affected

[
  {
    "vendor": "HP Inc.",
    "product": "HP PC products",
    "defaultStatus": "affected",
    "versions": [
      {
        "version": "See HP security bulletin reference for affected versions",
        "status": "affected"
      }
    ]
  }
]

References

support.hp.com/us-en/document/ish_10737430-10737454-16/hpsbhf03943

CVSS3

6.8

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

HIGH

Availability Impact

LOW

CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:L

AI Score

7.7

Confidence

Low

EPSS

Percentile

9.0%

JSON

Related for CVE-2022-37019