A BIOS password extraction vulnerability has been reported on certain consumer notebooks with firmware F.22 and others. The BIOS password was stored in CMOS in a way that allowed it to be extracted. This applies to consumer notebooks launched in early 2014.
[
{
"product": "HP 240 G1 Notebook PC and certain other consumer notebooks",
"vendor": "HP Inc.",
"versions": [
{
"status": "affected",
"version": "F.22 and other firmware versions"
}
]
}
]