Vulnerability Details : CVE-2023-26300
A potential security vulnerability has been identified in the system BIOS for certain HP PC products which might allow escalation of privilege. HP is releasing firmware updates to mitigate the potential vulnerability.
Products affected by CVE-2023-26300
- cpe:2.3:o:hp:240_g6_firmware:*:*:*:*:*:*:*:*
- cpe:2.3:o:hp:240_g7_firmware:*:*:*:*:*:*:*:*
- cpe:2.3:o:hp:246_g6_firmware:*:*:*:*:*:*:*:*
- cpe:2.3:o:hp:246_g7_firmware:*:*:*:*:*:*:*:*
- cpe:2.3:o:hp:250_g6_firmware:*:*:*:*:*:*:*:*
- cpe:2.3:o:hp:250_g7_firmware:*:*:*:*:*:*:*:*
- cpe:2.3:o:hp:256_g6_firmware:*:*:*:*:*:*:*:*
- cpe:2.3:o:hp:256_g7_firmware:*:*:*:*:*:*:*:*
- cpe:2.3:o:hp:258_g6_firmware:*:*:*:*:*:*:*:*
- cpe:2.3:o:hp:258_g7_firmware:*:*:*:*:*:*:*:*
- cpe:2.3:o:hp:340_g7_firmware:*:*:*:*:*:*:*:*
- cpe:2.3:o:hp:348_g7_firmware:*:*:*:*:*:*:*:*
- cpe:2.3:o:hp:470_g7_firmware:*:*:*:*:*:*:*:*
- cpe:2.3:o:hp:stream_11_pro_g4_firmware:*:*:*:*:education:*:*:*
- cpe:2.3:o:hp:stream_11_pro_g5_firmware:*:*:*:*:*:*:*:*
- cpe:2.3:o:hp:200_g4_22_all-in-one_pc_\(rom_family_ssid_86f0\)_firmware:*:*:*:*:*:*:*:*
- cpe:2.3:o:hp:200_pro_g4_22_all-in-one_pc_\(rom_family_ssid_86f0\)_firmware:*:*:*:*:*:*:*:*
- cpe:2.3:o:hp:205_g4_22_all-in-one_pc_\(rom_family_ssid_86f0\)_firmware:*:*:*:*:*:*:*:*
- cpe:2.3:o:hp:205_pro_g4_22_all-in-one_pc_\(rom_family_ssid_86f0\)_firmware:*:*:*:*:*:*:*:*
- cpe:2.3:o:hp:t638_thin_client_firmware:*:*:*:*:*:*:*:*
- cpe:2.3:o:hp:desktop_pro_a_300_g3_firmware:*:*:*:*:*:*:*:*
- cpe:2.3:o:hp:desktop_pro_a_g3_firmware:*:*:*:*:*:*:*:*
- cpe:2.3:o:hp:desktop_pro_a_g3_microtower_firmware:*:*:*:*:*:*:*:*
- cpe:2.3:o:hp:zhan_66_pro_a_g1_r_microtower_firmware:*:*:*:*:*:*:*:*
- cpe:2.3:o:hp:240_g10_firmware:*:*:*:*:*:*:*:*
- cpe:2.3:o:hp:245_g7_firmware:*:*:*:*:*:*:*:*
- cpe:2.3:o:hp:245_g8_firmware:*:*:*:*:*:*:*:*
- cpe:2.3:o:hp:247_g8_firmware:*:*:*:*:*:*:*:*
- cpe:2.3:o:hp:250_g10_firmware:*:*:*:*:*:*:*:*
- cpe:2.3:o:hp:255_g10_firmware:*:*:*:*:*:*:*:*
- cpe:2.3:o:hp:470_g10_firmware:*:*:*:*:*:*:*:*
- cpe:2.3:o:hp:470_g9_firmware:*:*:*:*:*:*:*:*
- cpe:2.3:o:hp:240_g9_firmware:*:*:*:*:*:*:*:*
- cpe:2.3:o:hp:245_g10_firmware:*:*:*:*:*:*:*:*
- cpe:2.3:o:hp:245_g9_firmware:*:*:*:*:*:*:*:*
- cpe:2.3:o:hp:245_firmware:*:*:*:*:*:*:*:*
- cpe:2.3:o:hp:250_g9_firmware:*:*:*:*:*:*:*:*
- cpe:2.3:o:hp:255_g6_firmware:*:*:*:*:*:*:*:*
- cpe:2.3:o:hp:255_g7_firmware:*:*:*:*:*:*:*:*
- cpe:2.3:o:hp:255_g8_firmware:*:*:*:*:*:*:*:*
- cpe:2.3:o:hp:255_g9_firmware:*:*:*:*:*:*:*:*
- cpe:2.3:o:hp:zbook_15_g5_mobile_workstation_firmware:*:*:*:*:*:*:*:*
- cpe:2.3:o:hp:zhan_99_g3_mobile_workstation_firmware:*:*:*:*:*:*:*:*
- cpe:2.3:o:hp:zhan_99_g4_mobile_workstation_firmware:*:*:*:*:*:*:*:*
- cpe:2.3:o:hp:200_g4_22_all-in-one_pc_\(rom_family_ssid_86f2\)_firmware:*:*:*:*:*:*:*:*
- cpe:2.3:o:hp:200_g4_22_all-in-one_pc_\(rom_family_ssid_86f3\)_firmware:*:*:*:*:*:*:*:*
- cpe:2.3:o:hp:200_pro_g4_22_all-in-one_pc_\(rom_family_ssid_86f2\)_firmware:*:*:*:*:*:*:*:*
- cpe:2.3:o:hp:200_pro_g4_22_all-in-one_pc_\(rom_family_ssid_86f3\)_firmware:*:*:*:*:*:*:*:*
- cpe:2.3:o:hp:205_g4_22_all-in-one_pc_\(rom_family_ssid_86f2\)_firmware:*:*:*:*:*:*:*:*
- cpe:2.3:o:hp:205_g4_22_all-in-one_pc_\(rom_family_ssid_86f3\)_firmware:*:*:*:*:*:*:*:*
- cpe:2.3:o:hp:205_g8_24_all-in-one_pc_\(rom_family_ssid_8923\)_firmware:*:*:*:*:*:*:*:*
- cpe:2.3:o:hp:205_g8_24_all-in-one_pc_\(rom_family_ssid_8924\)_firmware:*:*:*:*:*:*:*:*
- cpe:2.3:o:hp:205_pro_g4_22_all-in-one_pc_\(rom_family_ssid_86f2\)_firmware:*:*:*:*:*:*:*:*
- cpe:2.3:o:hp:205_pro_g4_22_all-in-one_pc_\(rom_family_ssid_86f3\)_firmware:*:*:*:*:*:*:*:*
- cpe:2.3:o:hp:205_pro_g8_24_all-in-one_pc_\(rom_family_ssid_8923\)_firmware:*:*:*:*:*:*:*:*
- cpe:2.3:o:hp:205_pro_g8_24_all-in-one_pc_\(rom_family_ssid_8924\)_firmware:*:*:*:*:*:*:*:*
- cpe:2.3:o:hp:285_g6_microtower_\(rom_family_ssid_871e\)_firmware:*:*:*:*:*:*:*:*
- cpe:2.3:o:hp:285_g8_microtower_\(rom_family_ssid_870e\)_firmware:*:*:*:*:*:*:*:*
- cpe:2.3:o:hp:285_pro_g6_microtower_\(rom_family_ssid_871e\)_firmware:*:*:*:*:*:*:*:*
- cpe:2.3:o:hp:285_pro_g8_microtower_\(rom_family_ssid_870e\)_firmware:*:*:*:*:*:*:*:*
- cpe:2.3:o:hp:295_g8_microtower_\(rom_family_ssid_870e\)_firmware:*:*:*:*:*:*:*:*
- cpe:2.3:o:hp:pro_sff_280_g9_desktop_\(rom_family_ssid_89b4\)_firmware:*:*:*:*:*:*:*:*
- cpe:2.3:o:hp:pro_sff_280_g9_desktop_\(rom_family_ssid_8bc3\)_firmware:*:*:*:*:*:*:*:*
- cpe:2.3:o:hp:pro_sff_290_g9_desktop_\(rom_family_ssid_89b4\)_firmware:*:*:*:*:*:*:*:*
- cpe:2.3:o:hp:pro_sff_290_g9_desktop_\(rom_family_ssid_8bc3\)_firmware:*:*:*:*:*:*:*:*
- cpe:2.3:o:hp:pro_sff_zhan_66_g9_desktop_\(rom_family_ssid_89b4\)_firmware:*:*:*:*:*:*:*:*
- cpe:2.3:o:hp:pro_sff_zhan_66_g9_desktop_\(rom_family_ssid_8bc3\)_firmware:*:*:*:*:*:*:*:*
- cpe:2.3:o:hp:pro_tower_200_g9_desktop_\(rom_family_ssid_89b4\)_firmware:*:*:*:*:*:*:*:*
- cpe:2.3:o:hp:pro_tower_200_g9_desktop_\(rom_family_ssid_89b3\)_firmware:*:*:*:*:*:*:*:*
- cpe:2.3:o:hp:pro_tower_200_g9_desktop_\(rom_family_ssid_8bc3\)_firmware:*:*:*:*:*:*:*:*
- cpe:2.3:o:hp:pro_tower_280_g9_desktop_\(rom_family_ssid_89b4\)_firmware:*:*:*:*:*:*:*:*
- cpe:2.3:o:hp:pro_tower_280_g9_desktop_\(rom_family_ssid_89b3\)_firmware:*:*:*:*:*:*:*:*
- cpe:2.3:o:hp:pro_tower_290_g9_desktop_\(rom_family_ssid_89b4\)_firmware:*:*:*:*:*:*:*:*
- cpe:2.3:o:hp:pro_tower_290_g9_desktop_\(rom_family_ssid_89b3\)_firmware:*:*:*:*:*:*:*:*
- cpe:2.3:o:hp:pro_tower_290_g9_desktop_\(rom_family_ssid_8bc3\)_firmware:*:*:*:*:*:*:*:*
- cpe:2.3:o:hp:pro_tower_zhan_99_g9_desktop_\(rom_family_ssid_89b4\)_firmware:*:*:*:*:*:*:*:*
- cpe:2.3:o:hp:pro_tower_zhan_99_g9_desktop_\(rom_family_ssid_89b3\)_firmware:*:*:*:*:*:*:*:*
- cpe:2.3:o:hp:pro_tower_zhan_99_g9_desktop_\(rom_family_ssid_8b3c\)_firmware:*:*:*:*:*:*:*:*
- cpe:2.3:o:hp:proone_240_g10_\(rom_family_ssid_8b4d\)_firmware:*:*:*:*:*:*:*:*
- cpe:2.3:o:hp:proone_240_g10_\(rom_family_ssid_8b4c\)_firmware:*:*:*:*:*:*:*:*
- cpe:2.3:o:hp:proone_240_g9_\(rom_family_ssid_89eb\)_firmware:*:*:*:*:*:*:*:*
- cpe:2.3:o:hp:vr_backpack_g2_\(rom_family_ssid_8590\)_firmware:*:*:*:*:*:*:*:*
- cpe:2.3:o:hp:zhan_66_pro_a_g10_\(rom_family_ssid_8b4e\)_firmware:*:*:*:*:*:*:*:*
- cpe:2.3:o:hp:zhan_66_pro_a_g4_all-in-one_pc_\(rom_family_ssid_8923\)_firmware:*:*:*:*:*:*:*:*
- cpe:2.3:o:hp:zhan_66_pro_a_g4_all-in-one_pc_\(rom_family_ssid_8924\)_firmware:*:*:*:*:*:*:*:*
- cpe:2.3:o:hp:zhan_99_pro_a_g2_microtower_\(rom_family_ssid_871e\)_firmware:*:*:*:*:*:*:*:*
- cpe:2.3:o:hp:255_g8_\(rom_family_ssid_87d1\)_firmware:*:*:*:*:*:*:*:*
- cpe:2.3:o:hp:255_g8_\(rom_family_ssid_8905\)_firmware:*:*:*:*:*:*:*:*
- cpe:2.3:o:hp:255_g8_\(rom_family_ssid_890e\)_firmware:*:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2023-26300
0.04%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 7 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2023-26300
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
7.8
|
HIGH | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |
1.8
|
5.9
|
NIST |
References for CVE-2023-26300
-
https://support.hp.com/us-en/document/ish_9461800-9461828-16
Certain HP PC products - BIOS Password Unlock | HP® Customer SupportPatch;Vendor Advisory
Jump to