Lucene search

[email protected]CVE-2023-26300

HistoryOct 18, 2023 - 7:15 p.m.

CVE-2023-26300

2023-10-1819:15:08

[email protected]

web.nvd.nist.gov

bios

vulnerability

products

privilege escalation

firmware updates

nvd

7.8 High

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

7.8 High

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

9.1%

JSON

A potential security vulnerability has been identified in the system BIOS for certain HP PC products which might allow escalation of privilege. HP is releasing firmware updates to mitigate the potential vulnerability.

Affected configurations

NVD

Node

hpdesktop_pro_a_300_g3_firmwareRange<f.13

AND

hpdesktop_pro_a_300_g3Match-

Node

hpdesktop_pro_a_g3_firmwareRange<f.13

AND

hpdesktop_pro_a_g3Match-

Node

hpdesktop_pro_a_g3_microtower_firmwareRange<f.13

AND

hpdesktop_pro_a_g3_microtowerMatch-

Node

hpzhan_66_pro_a_g1_r_microtower_firmwareRange<f.13

AND

hpzhan_66_pro_a_g1_r_microtowerMatch-

Node

hpt638_thin_client_firmwareRange<00.01.13

AND

hpt638_thin_clientMatch-

Node

hpstream_11_pro_g5_firmwareRange<f.18

AND

hpstream_11_pro_g5Match-

Node

hp240_g10_firmwareRange<f.05

AND

hp240_g10Match-

Node

hp240_g6_firmwareRange<f.55

AND

hp240_g6Match-

Node

hp240_g7_firmwareRange<f.75

AND

hp240_g7Match-

Node

hp240_g9_firmwareRange<f.06

AND

hp240_g9Match-

Node

hp245_g10_firmwareRange<f.06

AND

hp245_g10Match-

Node

hp245_g7_firmwareRange<f.70

AND

hp245_g7Match-

Node

hp245_g8_firmwareRange<f.26

AND

hp245_g8Match-

Node

hp245_g9_firmwareRange<f.11

AND

hp245_g9Match-

Node

hp245_firmwareRange<f.11

AND

hp245Match-

Node

hp246_g6_firmwareRange<f.55

AND

hp246_g6Match-

Node

hp246_g7_firmwareRange<f.75

AND

hp246_g7Match-

Node

hp247_g8_firmwareRange<f.70

AND

hp247_g8Match-

Node

hp250_g10_firmwareRange<f.06

AND

hp250_g10Match-

Node

hp250_g6_firmwareRange<f.73

AND

hp250_g6Match-

Node

hp250_g7_firmwareRange<f.46

AND

hp250_g7Match-

Node

hp250_g9_firmwareRange<f.63

AND

hp250_g9Match-

Node

hp255_g10_firmwareRange<f.09

AND

hp255_g10Match-

Node

hp255_g6_firmwareRange<f.56

AND

hp255_g6Match-

Node

hp255_g7_firmwareRange<f.41

AND

hp255_g7Match-

Node

hp255_g8_firmwareRange<f.37

AND

hp255_g8Match-

Node

hp255_g9_firmwareRange<f.12

AND

hp255_g9Match-

Node

hp256_g6_firmwareRange<f.73

AND

hp256_g6Match-

Node

hp256_g7_firmwareRange<f.46

AND

hp256_g7Match-

Node

hp258_g6_firmwareRange<f.73

AND

hp258_g6Match-

Node

hp258_g7_firmwareRange<f.46

AND

hp258_g7Match-

Node

hp340_g7_firmwareRange<f.39

AND

hp340_g7Match-

Node

hp348_g7_firmwareRange<f.39

AND

hp348_g7Match-

Node

hp470_g10_firmwareRange<f.03

AND

hp470_g10Match-

Node

hp470_g7_firmwareRange<f.70

AND

hp470_g7Match-

Node

hp470_g9_firmwareRange<f.06

AND

hp470_g9Match-

Node

hpstream_11_pro_g4_firmwareRange<f.30education

AND

hpstream_11_pro_g4Match-education

Node

hpstream_11_pro_g5_firmwareRange<f.18

AND

hpstream_11_pro_g5Match-

Node

hpzbook_15_g5_mobile_workstation_firmwareRange<f.37

AND

hpzbook_15_g5_mobile_workstationMatch-

Node

hpzhan_99_g3_mobile_workstation_firmwareRange<f.19

AND

hpzhan_99_g3_mobile_workstationMatch-

Node

hpzhan_99_g4_mobile_workstation_firmwareRange<f.09

AND

hpzhan_99_g4_mobile_workstationMatch-

Node

hp200_g4_22_all-in-one_pc_\(rom_family_ssid_86f2\)_firmwareRange<f.50

AND

hp200_g4_22_all-in-one_pc_\(rom_family_ssid_86f2\)Match-

Node

hp200_g4_22_all-in-one_pc_\(rom_family_ssid_86f3\)_firmwareRange<f.50

AND

hp200_g4_22_all-in-one_pc_\(rom_family_ssid_86f3\)Match-

Node

hp200_g4_22_all-in-one_pc_\(rom_family_ssid_86f0\)_firmwareRange<f.50

AND

hp200_g4_22_all-in-one_pc_\(rom_family_ssid_86f0\)Match-

Node

hp200_pro_g4_22_all-in-one_pc_\(rom_family_ssid_86f2\)_firmwareRange<f.50

AND

hp200_pro_g4_22_all-in-one_pc_\(rom_family_ssid_86f2\)Match-

Node

hp200_pro_g4_22_all-in-one_pc_\(rom_family_ssid_86f3\)_firmwareRange<f.50

AND

hp200_pro_g4_22_all-in-one_pc_\(rom_family_ssid_86f3\)Match-

Node

hp200_pro_g4_22_all-in-one_pc_\(rom_family_ssid_86f0\)_firmwareRange<f.50

AND

hp200_pro_g4_22_all-in-one_pc_\(rom_family_ssid_86f0\)Match-

Node

hp205_g4_22_all-in-one_pc_\(rom_family_ssid_86f2\)_firmwareRange<f.50

AND

hp205_g4_22_all-in-one_pc_\(rom_family_ssid_86f2\)Match-

Node

hp205_g4_22_all-in-one_pc_\(rom_family_ssid_86f3\)_firmwareRange<f.50

AND

hp205_g4_22_all-in-one_pc_\(rom_family_ssid_86f3\)Match-

Node

hp205_g4_22_all-in-one_pc_\(rom_family_ssid_86f0\)_firmwareRange<f.50

AND

hp205_g4_22_all-in-one_pc_\(rom_family_ssid_86f0\)Match-

Node

hp205_g8_24_all-in-one_pc_\(rom_family_ssid_8923\)_firmwareRange<f.20

AND

hp205_g8_24_all-in-one_pc_\(rom_family_ssid_8923\)Match-

Node

hp205_g8_24_all-in-one_pc_\(rom_family_ssid_8924\)_firmwareRange<f.20

AND

hp205_g8_24_all-in-one_pc_\(rom_family_ssid_8924\)Match-

Node

hp205_pro_g4_22_all-in-one_pc_\(rom_family_ssid_86f2\)_firmwareRange<f.50

AND

hp205_pro_g4_22_all-in-one_pc_\(rom_family_ssid_86f2\)Match-

Node

hp205_pro_g4_22_all-in-one_pc_\(rom_family_ssid_86f3\)_firmwareRange<f.50

AND

hp205_pro_g4_22_all-in-one_pc_\(rom_family_ssid_86f3\)Match-

Node

hp205_pro_g4_22_all-in-one_pc_\(rom_family_ssid_86f0\)_firmwareRange<f.50

AND

hp205_pro_g4_22_all-in-one_pc_\(rom_family_ssid_86f0\)Match-

Node

hp205_pro_g8_24_all-in-one_pc_\(rom_family_ssid_8923\)_firmwareRange<f.20

AND

hp205_pro_g8_24_all-in-one_pc_\(rom_family_ssid_8923\)Match-

Node

hp205_pro_g8_24_all-in-one_pc_\(rom_family_ssid_8924\)_firmwareRange<f.20

AND

hp205_pro_g8_24_all-in-one_pc_\(rom_family_ssid_8924\)Match-

Node

hp285_g6_microtower_\(rom_family_ssid_871e\)_firmwareRange<f.26

AND

hp285_g6_microtower_\(rom_family_ssid_871e\)Match-

Node

hp285_g8_microtower_\(rom_family_ssid_870e\)_firmwareRange<f.30

AND

hp285_g8_microtower_\(rom_family_ssid_870e\)Match-

Node

hp285_pro_g6_microtower_\(rom_family_ssid_871e\)_firmwareRange<f.26

AND

hp285_pro_g6_microtower_\(rom_family_ssid_871e\)Match-

Node

hp285_pro_g8_microtower_\(rom_family_ssid_870e\)_firmwareRange<f.30

AND

hp285_pro_g8_microtower_\(rom_family_ssid_870e\)Match-

Node

hp295_g8_microtower_\(rom_family_ssid_870e\)_firmwareRange<f.30

AND

hp295_g8_microtower_\(rom_family_ssid_870e\)Match-

Node

hppro_sff_280_g9_desktop_\(rom_family_ssid_89b4\)_firmwareRange<f.22

AND

hppro_sff_280_g9_desktop_\(rom_family_ssid_89b4\)Match-

Node

hppro_sff_280_g9_desktop_\(rom_family_ssid_8bc3\)_firmwareRange<f.12

AND

hppro_sff_280_g9_desktop_\(rom_family_ssid_8bc3\)Match-

Node

hppro_sff_290_g9_desktop_\(rom_family_ssid_89b4\)_firmwareRange<f.22

AND

hppro_sff_290_g9_desktop_\(rom_family_ssid_89b4\)Match-

Node

hppro_sff_290_g9_desktop_\(rom_family_ssid_8bc3\)_firmwareRange<f.12

AND

hppro_sff_290_g9_desktop_\(rom_family_ssid_8bc3\)Match-

Node

hppro_sff_zhan_66_g9_desktop_\(rom_family_ssid_89b4\)_firmwareRange<f.22

AND

hppro_sff_zhan_66_g9_desktop_\(rom_family_ssid_89b4\)Match-

Node

hppro_sff_zhan_66_g9_desktop_\(rom_family_ssid_8bc3\)_firmwareRange<f.12

AND

hppro_sff_zhan_66_g9_desktop_\(rom_family_ssid_8bc3\)Match-

Node

hppro_tower_200_g9_desktop_\(rom_family_ssid_89b4\)_firmwareRange<f.22

AND

hppro_tower_200_g9_desktop_\(rom_family_ssid_89b4\)Match-

Node

hppro_tower_200_g9_desktop_\(rom_family_ssid_89b3\)_firmwareRange<f.22

AND

hppro_tower_200_g9_desktop_\(rom_family_ssid_89b3\)Match-

Node

hppro_tower_200_g9_desktop_\(rom_family_ssid_8bc3\)_firmwareRange<f.12

AND

hppro_tower_200_g9_desktop_\(rom_family_ssid_8bc3\)Match-

Node

hppro_tower_280_g9_desktop_\(rom_family_ssid_89b4\)_firmwareRange<f.22

AND

hppro_tower_280_g9_desktop_\(rom_family_ssid_89b4\)Match-

Node

hppro_tower_280_g9_desktop_\(rom_family_ssid_89b3\)_firmwareRange<f.22

AND

hppro_tower_280_g9_desktop_\(rom_family_ssid_89b3\)Match-

Node

hppro_tower_290_g9_desktop_\(rom_family_ssid_89b4\)_firmwareRange<f.22

AND

hppro_tower_290_g9_desktop_\(rom_family_ssid_89b4\)Match-

Node

hppro_tower_290_g9_desktop_\(rom_family_ssid_89b3\)_firmwareRange<f.22

AND

hppro_tower_290_g9_desktop_\(rom_family_ssid_89b3\)Match-

Node

hppro_tower_290_g9_desktop_\(rom_family_ssid_8bc3\)_firmwareRange<f.12

AND

hppro_tower_290_g9_desktop_\(rom_family_ssid_8bc3\)Match-

Node

hppro_tower_zhan_99_g9_desktop_\(rom_family_ssid_89b4\)_firmwareRange<f.22

AND

hppro_tower_zhan_99_g9_desktop_\(rom_family_ssid_89b4\)Match-

Node

hppro_tower_zhan_99_g9_desktop_\(rom_family_ssid_89b3\)_firmwareRange<f.22

AND

hppro_tower_zhan_99_g9_desktop_\(rom_family_ssid_89b3\)Match-

Node

hppro_tower_zhan_99_g9_desktop_\(rom_family_ssid_8b3c\)_firmwareRange<f.12

AND

hppro_tower_zhan_99_g9_desktop_\(rom_family_ssid_8b3c\)Match-

Node

hpproone_240_g10_\(rom_family_ssid_8b4d\)_firmwareRange<f.10

AND

hpproone_240_g10_\(rom_family_ssid_8b4d\)Match-

Node

hpproone_240_g10_\(rom_family_ssid_8b4c\)_firmwareRange<f.05

AND

hpproone_240_g10_\(rom_family_ssid_8b4c\)Match-

Node

hpproone_240_g9_\(rom_family_ssid_89eb\)_firmwareRange<f.20

AND

hpproone_240_g9_\(rom_family_ssid_89eb\)Match-

Node

hpvr_backpack_g2_\(rom_family_ssid_8590\)_firmwareRange<f.29

AND

hpvr_backpack_g2_\(rom_family_ssid_8590\)Match-

Node

hpzhan_66_pro_a_g10_\(rom_family_ssid_8b4e\)_firmwareRange<f.05

AND

hpzhan_66_pro_a_g10_\(rom_family_ssid_8b4e\)Match-

Node

hpzhan_66_pro_a_g4_all-in-one_pc_\(rom_family_ssid_8923\)_firmwareRange<f.20

AND

hpzhan_66_pro_a_g4_all-in-one_pc_\(rom_family_ssid_8923\)Match-

Node

hpzhan_66_pro_a_g4_all-in-one_pc_\(rom_family_ssid_8924\)_firmwareRange<f.20

AND

hpzhan_66_pro_a_g4_all-in-one_pc_\(rom_family_ssid_8924\)Match-

Node

hpzhan_99_pro_a_g2_microtower_\(rom_family_ssid_871e\)_firmwareRange<f.20

AND

hpzhan_99_pro_a_g2_microtower_\(rom_family_ssid_871e\)Match-

Node

hp255_g8_\(rom_family_ssid_87d1\)_firmwareRange<f.37

AND

hp255_g8_\(rom_family_ssid_87d1\)Match-

Node

hp255_g8_\(rom_family_ssid_8905\)_firmwareRange<f.37

AND

hp255_g8_\(rom_family_ssid_8905\)Match-

Node

hp255_g8_\(rom_family_ssid_890e\)_firmwareRange<f.37

AND

hp255_g8_\(rom_family_ssid_890e\)Match-

CPENameOperatorVersion
hp:desktop_pro_a_300_g3_firmwarehp desktop pro a 300 g3 firmwareltf.13

CPE	Name	Operator	Version
hp:desktop_pro_a_300_g3_firmware	hp desktop pro a 300 g3 firmware	lt	f.13

CNA Affected

[
  {
    "vendor": "HP Inc.",
    "product": "HP PC products",
    "defaultStatus": "affected",
    "versions": [
      {
        "version": "See HP Security Bulletin reference for affected versions.",
        "status": "affected"
      }
    ]
  }
]

References

support.hp.com/us-en/document/ish_9461800-9461828-16

7.8 High

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

7.8 High

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

9.1%

JSON

Related for CVE-2023-26300

prion1 hp1 cvelist1 nvd1