Vulnerability Details : CVE-2022-23928
Potential vulnerabilities have been identified in the system BIOS of certain HP PC products which may allow Escalation of Privilege, Arbitrary Code Execution, Unauthorized Code Execution, Denial of Service, and Information Disclosure.
Vulnerability category: Denial of serviceInformation leak
Exploit prediction scoring system (EPSS) score for CVE-2022-23928
Probability of exploitation activity in the next 30 days: 0.04%
Percentile, the proportion of vulnerabilities that are scored at or less: ~ 11 % EPSS Score History EPSS FAQ
CVSS scores for CVE-2022-23928
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source |
---|---|---|---|---|---|
7.2
|
HIGH | AV:L/AC:L/Au:N/C:C/I:C/A:C |
3.9
|
10.0
|
NIST |
8.2
|
HIGH | CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H |
1.5
|
6.0
|
NIST |
References for CVE-2022-23928
-
https://support.hp.com/us-en/document/ish_5817864-5817896-16
HP PC BIOS February 2022 Security Updates for 11 Vulnerabilities | HP® Customer SupportVendor Advisory
Products affected by CVE-2022-23928
- cpe:2.3:o:hp:pc_bios:*:*:*:*:*:*:*:*