CVE-2023-5410 : A potential security vulnerability has been reported in the system BIOS of certa

A potential security vulnerability has been reported in the system BIOS of certain HP PC products, which might allow memory tampering. HP is releasing mitigation for the potential vulnerability.

Published 2024-03-12 20:15:08

Updated 2024-11-12 21:35:14

Source HP Inc.

View at NVD, CVE.org

Products affected by CVE-2023-5410

Please log in to view affected product information.

Exploit prediction scoring system (EPSS) score for CVE-2023-5410

EPSS FAQ

0.05%

Probability of exploitation activity in the next 30 days EPSS Score History

~ 13 %

Percentile, the proportion of vulnerabilities that are scored at or less

CVSS scores for CVE-2023-5410

Base Score	Base Severity	CVSS Vector	Exploitability Score	Impact Score	Score Source	First Seen
8.2	HIGH	CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H	1.5	6.0	134c704f-9b21-4f2e-91b3-4a467353bcc0	2024-11-12
Attack Vector: Local Attack Complexity: Low Privileges Required: High User Interaction: None Scope: Changed Confidentiality: High Integrity: High Availability: High

CWE ids for CVE-2023-5410

CWE-203 Observable Discrepancy

The product behaves differently or sends different responses under different circumstances in a way that is observable to an unauthorized actor, which exposes security-relevant information about the state of the product, such as whether a particular operation was successful or not.

Assigned by: 134c704f-9b21-4f2e-91b3-4a467353bcc0 (Secondary)

References for CVE-2023-5410

https://support.hp.com/us-en/document/ish_10290255-10290279-16/hpsbhf03924

HP PC BIOS Pre-boot DMA Protection Security Update | HP® Support

Jump to

Vulnerability Details : CVE-2023-5410

Products affected by CVE-2023-5410

Exploit prediction scoring system (EPSS) score for CVE-2023-5410

CVSS scores for CVE-2023-5410

CWE ids for CVE-2023-5410

References for CVE-2023-5410