Lucene search

HP Product Security Response TeamHSPBHF03848

HistoryMay 11, 2023 - 12:00 a.m.

HP PC Hardware Diagnostics Windows, HP Image Assistant, and HP Thunderbolt Dock G2 Firmware – Potential Buffer Overflow, Elevation of Privilege

2023-05-1100:00:00

HP Product Security Response Team

support.hp.com

diagnostics

windows

image assistant

thunderbolt

firmware

buffer overflow

privilege elevation

vulnerability

updates

platforms

9.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

0.002 Low

EPSS

Percentile

54.4%

JSON

Certain versions of HP PC Hardware Diagnostics Windows, HP Image Assistant, and HP Thunderbolt Dock G2 Firmware are potentially vulnerable to buffer overflow and/or elevation of privilege.

HP has released updates to mitigate the potential vulnerabilities. HP has identified affected platforms and corresponding SoftPaqs with minimum versions that mitigate the potential vulnerabilities. See the affected platforms listed below.

9.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

0.002 Low

EPSS

Percentile

54.4%

JSON

Related for HSPBHF03848