CVE-2022-31636

2023-06-1316:11:06

www.cve.org

hp pc

bios

toctou

arbitrary code execution

privilege escalation

denial of service

information disclosure

8.3 High

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

5.1%

JSON

Potential time-of-check to time-of-use (TOCTOU) vulnerabilities have been identified in the BIOS for certain HP PC products, which might allow arbitrary code execution, escalation of privilege, denial of service, and information disclosure.

CNA Affected

[
  {
    "versions": [
      {
        "version": "See HP Security Bulletin reference for affected versions.",
        "status": "affected"
      }
    ],
    "product": "HP PC BIOS",
    "vendor": "HP Inc."
  }
]

References

support.hp.com/us-en/document/ish_7149996-7150021-16/hpsbhf03814