Vulnerability Details : CVE-2023-5409
HP is aware of a potential security vulnerability in HP t430 and t638 Thin Client PCs. These models may be susceptible to a physical attack, allowing an untrusted source to tamper with the system firmware using a publicly disclosed private key. HP is providing recommended guidance for customers to reduce exposure to the potential vulnerability.
Products affected by CVE-2023-5409
- cpe:2.3:o:hp:t430_thin_client_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:hp:t638_thin_client_firmware:-:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2023-5409
0.05%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 24 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2023-5409
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
6.8
|
MEDIUM | CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
0.9
|
5.9
|
NIST |
References for CVE-2023-5409
-
https://support.hp.com/us-en/document/ish_9441200-9441233-16
HP t430 and t638 Thin Clients - Firmware Tampering Vulnerability | HP® Customer SupportPatch;Vendor Advisory
Jump to