Vulnerability Details : CVE-2022-23929
Potential vulnerabilities have been identified in the system BIOS of certain HP PC products which may allow Escalation of Privilege, Arbitrary Code Execution, Unauthorized Code Execution, Denial of Service, and Information Disclosure.
Vulnerability category: Denial of serviceInformation leak
Exploit prediction scoring system (EPSS) score for CVE-2022-23929
Probability of exploitation activity in the next 30 days: 0.04%
Percentile, the proportion of vulnerabilities that are scored at or less: ~ 11 % EPSS Score History EPSS FAQ
CVSS scores for CVE-2022-23929
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source |
---|---|---|---|---|---|
7.2
|
HIGH | AV:L/AC:L/Au:N/C:C/I:C/A:C |
3.9
|
10.0
|
NIST |
8.2
|
HIGH | CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H |
1.5
|
6.0
|
NIST |
References for CVE-2022-23929
-
https://support.hp.com/us-en/document/ish_5817864-5817896-16
HP PC BIOS February 2022 Security Updates for 11 Vulnerabilities | HP® Customer SupportVendor Advisory
Products affected by CVE-2022-23929
- cpe:2.3:o:hp:pc_bios:*:*:*:*:*:*:*:*