All the vulnerabilites related to hp - 260_g4_desktop_mini_firmware
cve-2022-43779
Vulnerability from cvelistv5
Published
2023-02-03 16:42
Modified
2024-08-03 13:40
Severity ?
EPSS score ?
Summary
A potential Time-of-Check to Time-of-Use (TOCTOU) vulnerability has been identified in certain HP PC products using AMI UEFI Firmware (system BIOS) which might allow arbitrary code execution, denial of service, and information disclosure. AMI has released updates to mitigate the potential vulnerability.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | HP Inc. | HP PC products using AMI UEFI Firmware |
Version: See HP Security Bulletin reference for affected versions. |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T13:40:06.295Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://support.hp.com/us-en/document/ish_7394557-7394585-16/hpsbhf03829"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "HP PC products using AMI UEFI Firmware",
"vendor": "HP Inc.",
"versions": [
{
"status": "affected",
"version": "See HP Security Bulletin reference for affected versions."
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A potential Time-of-Check to Time-of-Use (TOCTOU) vulnerability has been identified in certain HP PC products using AMI UEFI Firmware (system BIOS) which might allow arbitrary code execution, denial of service, and information disclosure. AMI has released updates to mitigate the potential vulnerability."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-02-12T01:45:42.615671Z",
"orgId": "74586083-13ce-40fd-b46a-8e5d23cfbcb2",
"shortName": "hp"
},
"references": [
{
"url": "https://support.hp.com/us-en/document/ish_7394557-7394585-16/hpsbhf03829"
}
],
"x_generator": {
"engine": "cveClient/1.0.13"
}
}
},
"cveMetadata": {
"assignerOrgId": "74586083-13ce-40fd-b46a-8e5d23cfbcb2",
"assignerShortName": "hp",
"cveId": "CVE-2022-43779",
"datePublished": "2023-02-03T16:42:10.283Z",
"dateReserved": "2022-10-26T14:39:32.656Z",
"dateUpdated": "2024-08-03T13:40:06.295Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2023-26299
Vulnerability from cvelistv5
Published
2023-06-30 15:40
Modified
2024-12-04 16:06
Severity ?
EPSS score ?
Summary
A potential Time-of-Check to Time-of-Use (TOCTOU) vulnerability has been identified in certain HP PC products using AMI UEFI Firmware (system BIOS), which might allow arbitrary code execution. AMI has released updates to mitigate the potential vulnerability.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | HP Inc. | HP PC products using AMI UEFI Firmware |
Version: See HP Security Bulletin reference for affected versions. |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T11:46:24.488Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://support.hp.com/us-en/document/ish_8642715-8642746-16/hpsbhf03850"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-26299",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-12-04T16:05:27.260359Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-12-04T16:06:16.624Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "HP PC products using AMI UEFI Firmware",
"vendor": "HP Inc.",
"versions": [
{
"status": "affected",
"version": "See HP Security Bulletin reference for affected versions."
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A potential Time-of-Check to Time-of-Use (TOCTOU) vulnerability has been identified in certain HP PC products using AMI UEFI Firmware (system BIOS), which might allow arbitrary code execution. AMI has released updates to mitigate the potential vulnerability."
}
],
"providerMetadata": {
"dateUpdated": "2023-06-30T15:40:10.380Z",
"orgId": "74586083-13ce-40fd-b46a-8e5d23cfbcb2",
"shortName": "hp"
},
"references": [
{
"url": "https://support.hp.com/us-en/document/ish_8642715-8642746-16/hpsbhf03850"
}
],
"x_generator": {
"engine": "cveClient/1.0.13"
}
}
},
"cveMetadata": {
"assignerOrgId": "74586083-13ce-40fd-b46a-8e5d23cfbcb2",
"assignerShortName": "hp",
"cveId": "CVE-2023-26299",
"datePublished": "2023-06-30T15:40:10.380Z",
"dateReserved": "2023-02-21T21:14:33.320Z",
"dateUpdated": "2024-12-04T16:06:16.624Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
Vulnerability from fkie_nvd
Published
2023-02-12 04:15
Modified
2024-11-21 07:27
Severity ?
Summary
A potential Time-of-Check to Time-of-Use (TOCTOU) vulnerability has been identified in certain HP PC products using AMI UEFI Firmware (system BIOS) which might allow arbitrary code execution, denial of service, and information disclosure. AMI has released updates to mitigate the potential vulnerability.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| hp-security-alert@hp.com | https://support.hp.com/us-en/document/ish_7394557-7394585-16/hpsbhf03829 | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://support.hp.com/us-en/document/ish_7394557-7394585-16/hpsbhf03829 | Patch, Vendor Advisory |
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hp:348_g4_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "FEE153A6-4830-4AFE-8686-7A565DA17AC8",
"versionEndExcluding": "f.65",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hp:348_g4:-:*:*:*:*:*:*:*",
"matchCriteriaId": "49DAEC47-59F9-4DB5-9A7D-99ED68DE702E",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hp:260_g2_desktop_mini_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "557E5418-A72F-4C32-A8A5-0BA2E6D86F76",
"versionEndExcluding": "2.26",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hp:260_g2_desktop_mini:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B46A5A35-548C-4D8A-8615-155BE636D0DA",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hp:218_pro_g5_mt_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A8BC161C-763B-4245-92FA-DD3409C2CEBD",
"versionEndExcluding": "f15",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hp:218_pro_g5_mt:-:*:*:*:*:*:*:*",
"matchCriteriaId": "611B7336-44A2-4A6A-94A2-9C6A55E6B878",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hp:260_g3_desktop_mini_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "28D3AFD7-5EC1-49CB-8940-31D54D34145D",
"versionEndExcluding": "02.20.00",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hp:260_g3_desktop_mini:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F5AFD7D7-554B-426F-873E-F240A34C1178",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hp:260_g4_desktop_mini_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3FE54A16-C1C9-4316-944B-185EB5DD8137",
"versionEndExcluding": "02.12.00",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hp:260_g4_desktop_mini:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B1A3C361-80EC-4776-9949-3CB5B4319A65",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hp:280_g3_microtower_pc_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F89E8E31-A6D5-41E8-B7DC-8B12EDD10689",
"versionEndExcluding": "02.02.40",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hp:280_g3_microtower_pc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F80CC04F-9AAE-47B6-9F6D-A20E7FB58D57",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hp:280_g3_pci_microtower_pc_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "BF066652-0581-4C5A-AF12-0D1425C70B26",
"versionEndExcluding": "02.02.40",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hp:280_g3_pci_microtower_pc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6488C91D-C3B6-4DBC-AB84-66C034F12F85",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hp:288_pro_g3_microtower_pc_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "592EF5D6-CC6D-4AB5-9E9D-D1505D01043D",
"versionEndExcluding": "00.02.40",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hp:288_pro_g3_microtower_pc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A33680A7-EB8D-45A4-8F3D-C7D1657471B5",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hp:290_g1_microtower_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F87FB74C-93C1-42D5-99CC-955C84CAB676",
"versionEndExcluding": "00.02.40",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hp:290_g1_microtower:-:*:*:*:*:*:*:*",
"matchCriteriaId": "916FDAB3-6BE7-4783-BCDA-03519A090755",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hp:desktop_pro_300_g3_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B5E0D0B3-B543-43A0-BAE4-26D6360C1112",
"versionEndExcluding": "f15",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hp:desktop_pro_300_g3:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CC1CA282-C10A-450C-AC5C-7D4DB28B7769",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hp:desktop_pro_a_300_g3_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9C4A67C7-3B7F-4AB5-BC59-FC9C1DAC92F6",
"versionEndExcluding": "f12",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hp:desktop_pro_a_300_g3:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CC252085-28AD-4B4B-B3F2-46A79EC4454E",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hp:desktop_pro_a_g2_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7C7D086F-37FD-4E6C-850F-84C6A1F82716",
"versionEndExcluding": "f.11",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hp:desktop_pro_a_g2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1B71FF05-319E-4AF9-898A-535C47296918",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hp:desktop_pro_a_g2_microtower_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D7F4D44A-229F-4F20-A428-752C5C3653B0",
"versionEndExcluding": "f.11",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hp:desktop_pro_a_g2_microtower:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2F2483BA-E501-46EE-9E65-A3B80A3354C9",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hp:desktop_pro_a_g3_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C92281F0-A9A6-4A91-A476-D2297F19C9EB",
"versionEndExcluding": "f12",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hp:desktop_pro_a_g3:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AEB20EDC-6674-40ED-8A47-B742837D1E29",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hp:desktop_pro_a_g3_microtower_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CEC30EED-1990-4D47-B1CD-1FB7E62BBC6E",
"versionEndExcluding": "f12",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hp:desktop_pro_a_g3_microtower:-:*:*:*:*:*:*:*",
"matchCriteriaId": "37108B1D-2BED-42D6-87A4-596E75FB645F",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hp:desktop_pro_g3_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F9E162B6-B3F4-4F58-91ED-186EC919D928",
"versionEndExcluding": "f15",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hp:desktop_pro_g3:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BABA54B2-6DD5-4CEE-A0DF-5C7B498E38BF",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hp:desktop_pro_g3_microtower_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B0253ED0-B9FF-4050-8F6F-9D0A65511BB5",
"versionEndExcluding": "f15",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hp:desktop_pro_g3_microtower:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1DE0F273-92B2-448A-B8F1-7EB1F132B74A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hp:desktop_pro_microtower_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8053C388-2231-4DDB-AF1D-84A73FAE9925",
"versionEndExcluding": "00.02.40",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hp:desktop_pro_microtower:-:*:*:*:*:*:*:*",
"matchCriteriaId": "260A0E1E-1B35-43A1-B0AF-696942DCC932",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hp:zhan_66_pro_a_g1_microtower_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3976A254-EA9D-4976-B041-98F1F8DA6130",
"versionEndExcluding": "f.11",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hp:zhan_66_pro_a_g1_microtower:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9B21CB1F-1AA7-4983-B89A-DB4F655F327B",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hp:zhan_66_pro_a_g1_r_microtower_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A1289BC6-AFF4-4FCE-A3AA-D5D6037F7549",
"versionEndExcluding": "f12",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hp:zhan_66_pro_a_g1_r_microtower:-:*:*:*:*:*:*:*",
"matchCriteriaId": "39465F25-77A7-401E-A198-B052064AA241",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hp:zhan_66_pro_g1_r_microtower_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "10C50921-3336-47CF-BBC8-D94B924A29F8",
"versionEndExcluding": "f15",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hp:zhan_66_pro_g1_r_microtower:-:*:*:*:*:*:*:*",
"matchCriteriaId": "44F52B8E-14B4-4967-B243-DFDB7037E6EC",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hp:zhan_86_pro_g1_microtower_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "56BDBFDB-5E52-47C5-923A-9E5C24795261",
"versionEndExcluding": "00.02.40",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hp:zhan_86_pro_g1_microtower:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AACFA1BA-C08E-4659-B6A7-E957DDB72C36",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hp:rp2_retail_system_2000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "864FDD6C-D435-4C96-A882-62120DA6E1D0",
"versionEndExcluding": "2.24",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hp:rp2_retail_system_2000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "56681D4A-2D4B-495F-85E3-635F51E7A63D",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hp:rp2_retail_system_2020_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "ACDD5962-2CCE-45F6-97E3-1F962EBD938D",
"versionEndExcluding": "2.24",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hp:rp2_retail_system_2020:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9270F8AA-88E9-456C-A571-3D2DF1D06363",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hp:rp2_retail_system_2030_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "47F3C45A-3762-4EAB-BFC7-5D2EDD03D760",
"versionEndExcluding": "2.24",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hp:rp2_retail_system_2030:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BAC73F0F-09F9-4916-B0DD-DB69D6699CB2",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A potential Time-of-Check to Time-of-Use (TOCTOU) vulnerability has been identified in certain HP PC products using AMI UEFI Firmware (system BIOS) which might allow arbitrary code execution, denial of service, and information disclosure. AMI has released updates to mitigate the potential vulnerability."
}
],
"id": "CVE-2022-43779",
"lastModified": "2024-11-21T07:27:14.187",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.0,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.0,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2023-02-12T04:15:16.060",
"references": [
{
"source": "hp-security-alert@hp.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://support.hp.com/us-en/document/ish_7394557-7394585-16/hpsbhf03829"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://support.hp.com/us-en/document/ish_7394557-7394585-16/hpsbhf03829"
}
],
"sourceIdentifier": "hp-security-alert@hp.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-367"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2023-06-30 16:15
Modified
2024-11-21 07:51
Severity ?
Summary
A potential Time-of-Check to Time-of-Use (TOCTOU) vulnerability has been identified in certain HP PC products using AMI UEFI Firmware (system BIOS), which might allow arbitrary code execution. AMI has released updates to mitigate the potential vulnerability.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| hp-security-alert@hp.com | https://support.hp.com/us-en/document/ish_8642715-8642746-16/hpsbhf03850 | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://support.hp.com/us-en/document/ish_8642715-8642746-16/hpsbhf03850 | Patch, Vendor Advisory |
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hp:260_g4_desktop_mini_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2A22FB0D-69B1-4FDB-897E-6655D4DAB1A6",
"versionEndExcluding": "2.14",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hp:260_g4_desktop_mini:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B1A3C361-80EC-4776-9949-3CB5B4319A65",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hp:t430_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D9D1FB3A-EC66-4DA9-8590-798F8540C535",
"versionEndExcluding": "00.01.11",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hp:t430:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CA282389-B256-4E59-966A-F45533AB0D0E",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hp:t628_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "833D2519-4340-4433-B0C0-4A832284E225",
"versionEndExcluding": "00.01.10",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hp:t628:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E211855B-CC97-4465-BB6B-6A21BE49EB8B",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hp:240_g10_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6A33B9BB-1078-4FE4-BE5B-979FACFDEFD2",
"versionEndExcluding": "f.04",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hp:240_g10:-:*:*:*:*:*:*:*",
"matchCriteriaId": "228AB159-2035-4773-92C9-0B1A7C37E73A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hp:245_g6_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D50716CA-7372-4C46-B97E-C371E98CC6CF",
"versionEndExcluding": "f.35",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hp:245_g6:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BC354FB1-6F4E-4024-88E3-1F0B9EB77E68",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hp:245_g7_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5F4A278A-B835-4502-BAB2-A96648ECE259",
"versionEndExcluding": "f.69",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hp:245_g7:-:*:*:*:*:*:*:*",
"matchCriteriaId": "27CB115A-654B-40F2-AB3F-F1D676FE756D",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hp:245_g8_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E9CCDC7A-47B4-4687-B17D-2C1CB8F01E13",
"versionEndExcluding": "f.25",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hp:245_g8:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8848BD8C-43E0-4AC9-AA37-C27C909A469E",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hp:247_g8_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C968F11E-EA1E-42B0-9051-1387DF802D45",
"versionEndExcluding": "f.69",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hp:247_g8:-:*:*:*:*:*:*:*",
"matchCriteriaId": "736C9B2B-A5F0-4563-A82D-3B505D38C2D4",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hp:250_g10_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F8B76F25-8713-49CD-AF80-82D58DF982AF",
"versionEndExcluding": "f.05",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hp:250_g10:-:*:*:*:*:*:*:*",
"matchCriteriaId": "91114984-7DFD-47C2-A6B7-05CD9D0BB532",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hp:255_g10_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1F52095A-3E8B-471E-9E21-642C01C74273",
"versionEndExcluding": "f.08",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hp:255_g10:-:*:*:*:*:*:*:*",
"matchCriteriaId": "006A02ED-2CFB-45DD-8481-0B3A13B0AB2F",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hp:349_g7_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C13930DF-BCF1-4413-BE0C-15C13D5E854F",
"versionEndExcluding": "f.28",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hp:349_g7:-:*:*:*:*:*:*:*",
"matchCriteriaId": "83CABB74-43CD-4FD2-A17E-CC073E8FF830",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hp:470_g10_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F5184184-486E-4904-A516-9A80C2C3117E",
"versionEndExcluding": "f.02",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hp:470_g10:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B4FC06B5-340D-480B-9686-9F9463028A66",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hp:470_g9_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "020CF0D0-9D10-4701-9243-CBAFF31741A1",
"versionEndExcluding": "f.05",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hp:470_g9:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B0B308D9-A986-4463-801F-A31AE190540F",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hp:zhan_99_g2_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "243EEAE5-313A-4747-8556-5FCA66E0573A",
"versionEndExcluding": "f.24",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hp:zhan_99_g2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A677B096-E4F2-424E-B06A-5B335FE0709A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hp:zhan_99_g4_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E9A18242-A4EA-4E64-AAE9-7F7E91897557",
"versionEndExcluding": "f.08",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hp:zhan_99_g4:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DFFC67F1-A1EC-4BA8-86AF-567DC1272600",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hp:vr_backpack_g2_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "95C468D7-7B09-4D14-ACFE-CDB8DC237E52",
"versionEndExcluding": "f.28",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hp:vr_backpack_g2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "73F034D5-E071-49D9-9DD0-084EE7B8DFD8",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hp:200_g3_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "03BBAB9F-13D4-4C74-A42C-E2E27BAB0095",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hp:200_g3:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D353BB07-DBD5-4F2E-ADF2-DC2B61143957",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hp:200_g4_22_all-in-one_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9FA17105-B074-4FCB-AE8E-678C9170147C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hp:200_g4_22_all-in-one:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D21E8CA6-8A44-4EA9-936C-2F52555890B9",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hp:200_pro_g4_22_all-in-one_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FA839908-F2C3-4E0B-BA55-F8B11748D170",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hp:200_pro_g4_22_all-in-one:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6059F9B7-B1CA-4B6B-BB0D-067F6D47E9D4",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hp:205_g4_22_all-in-one_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CB3076D2-920B-4AE9-A9B0-4A32D31A5DE8",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hp:205_g4_22_all-in-one:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8AF306D8-ABBF-4045-8D9F-AA16AD0C820E",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hp:205_pro_g4_22_all-in-one_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "816EB4BC-CB1E-498B-8FF4-1BE29C24E1ED",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hp:205_pro_g4_22_all-in-one:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2A9A1E4E-CA39-4869-B383-3C434617948B",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hp:280_g3_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3EEB9916-0DDB-477F-8D0F-3875F502C11B",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hp:280_g3:-:*:*:*:*:*:*:*",
"matchCriteriaId": "191FF108-74AD-4EE6-8785-F634A6CED90B",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hp:280_g4_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "24675A82-C3F9-4781-93F9-79883AEEE53B",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hp:280_g4:-:*:*:*:*:*:*:*",
"matchCriteriaId": "24DD2AF3-8883-48B8-877C-F63176543203",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hp:280_g4_microtower_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4838645F-D633-4043-B1D6-01F6070FD080",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hp:280_g4_microtower:-:*:*:*:*:*:*:*",
"matchCriteriaId": "14AFEF3F-A93D-4042-88AA-F68F5F67C009",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hp:280_g5_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "92D0C1E9-95E0-4DD4-ADF0-645B4384E487",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hp:280_g5:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F3FADF9F-1929-47C7-B75D-8F14C45B09B5",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hp:280_g5_small_form_factor_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6397DB7D-5349-46AB-BB52-83B7E8EA461F",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hp:280_g5_small_form_factor:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4CF85CB9-B797-4E6C-ABEF-67392DCD48B6",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hp:280_g6_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B7E617F9-C3BB-4D34-8181-487EEB199F8B",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hp:280_g6:-:*:*:*:*:*:*:*",
"matchCriteriaId": "579D1565-CA10-4A4E-A2E8-16004A78C89A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hp:280_g8_microtower_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "85F267F4-FA76-4592-9038-BB217C9EEBBC",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hp:280_g8_microtower:-:*:*:*:*:*:*:*",
"matchCriteriaId": "26A0906A-8EE8-47D1-BFDA-EC04909A3829",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hp:280_pro_g3_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D0925537-5738-4DDE-8F1A-F492C186002B",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hp:280_pro_g3:-:*:*:*:*:*:*:*",
"matchCriteriaId": "59B822CD-5459-4AA0-98FD-7349685EA329",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hp:280_pro_g4_microtower_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "665B81DE-B934-4F5B-8A0A-F429AF64BBA3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hp:280_pro_g4_microtower:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9F045964-4BEA-4C71-939F-7FBC437BD7BD",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hp:280_pro_g5_small_form_factor_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EAAC266B-C17C-453A-8D32-C45CE044E147",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hp:280_pro_g5_small_form_factor:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C140BECB-6F01-4D79-8D03-E8B8A42824AA",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hp:282_g5_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0D2BB8A0-FFDF-4696-9ACD-FF832C6C402F",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hp:282_g5:-:*:*:*:*:*:*:*",
"matchCriteriaId": "71218FF2-460D-49D1-812F-D8C08BF510E9",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hp:282_g6_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8374038D-3316-4C15-B1B9-C2F0B3537A05",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hp:282_g6:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F5BA71E2-BE32-4563-AC07-BDF826B9C4D6",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hp:282_pro_g4_microtower_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4A82B799-EC08-484F-800F-8EB4FFB085AF",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hp:282_pro_g4_microtower:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0476E463-DA4D-4F20-BEDF-B93D3ABC1B14",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hp:288_g5_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B3F7E602-8A96-446D-BDE6-7D7133B09EE2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hp:288_g5:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A3D7B1D8-A3D0-47B0-8A22-A3608892D03E",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hp:288_g6_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8939A9F6-D5B6-4265-90DE-652896D582F6",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hp:288_g6:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B5E8F7C6-45F0-476F-BE22-B8D602B91627",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hp:288_pro_g4_microtower_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "39C32033-1E8E-4FAB-A1A5-1B85AF4FA510",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hp:288_pro_g4_microtower:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D9211352-0EE0-48D9-939C-9C47F3F47EC5",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hp:290_g1_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4CD062EA-F9AE-4619-9679-E63811DCF240",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hp:290_g1:-:*:*:*:*:*:*:*",
"matchCriteriaId": "39ADF234-B2E7-4B33-AC6E-A2442A2E959F",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hp:290_g2_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "046E517C-A766-4064-97E0-EF92686530A0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hp:290_g2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "066B771F-9486-4B18-8856-BB75A7DC24A3",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hp:290_g2_microtower_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "43C0AC26-6193-4DEF-AF5E-935877959923",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hp:290_g2_microtower:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BA3884D2-D337-447B-8E5C-30722138B55B",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hp:290_g3_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "929FE0E8-714C-434C-A0FC-EA921554C13C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hp:290_g3:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8CB6EBE6-94A6-4611-8DD1-5E8E23EA4197",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hp:290_g3_small_form_factor_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B3686518-AB17-402A-8337-5187ECD72071",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hp:290_g3_small_form_factor:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A10AFFDB-EDD2-4B49-B522-AA7E95698AFD",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hp:290_g4_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8C9EF20C-4517-4EE2-9FE4-3DB5400F82BA",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hp:290_g4:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9809B055-DCAF-4689-94F7-650BBA46143B",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hp:desktop_pro_g1_microtower_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B0B5A75E-F5FC-4BD6-BDF0-509BCDD74971",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hp:desktop_pro_g1_microtower:-:*:*:*:*:*:*:*",
"matchCriteriaId": "990CA33B-0C50-4A33-AEB2-E9E0FF49D8C1",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hp:pro_small_form_factor_280_g9_desktop_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7446D646-07DC-4AC2-8FC3-C6A5BA7FA21C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hp:pro_small_form_factor_280_g9_desktop:-:*:*:*:*:*:*:*",
"matchCriteriaId": "ED86FB0B-00D5-46ED-BAFD-75F4F0711039",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hp:pro_small_form_factor_290_g9_desktop_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F4773020-D227-4209-BC02-0D61043CBD04",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hp:pro_small_form_factor_290_g9_desktop:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6B609D2A-EA4A-4630-9272-C04E0D89CAEB",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hp:pro_small_form_factor_zhan_66_g9_desktop_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E9A57584-8D85-4E32-A91A-34AD85CFFBED",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hp:pro_small_form_factor_zhan_66_g9_desktop:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E8073860-0FE3-4594-8208-185E10570979",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hp:pro_tower_200_g9_desktop_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "108CB770-35B9-4E5E-93AC-B9CED1646118",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hp:pro_tower_200_g9_desktop:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9440CDEE-F9AE-48F6-ACA9-F52B5825B4D6",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hp:pro_tower_280_g9_desktop_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1E903A0B-606F-4838-A737-7F89642F5B15",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hp:pro_tower_280_g9_desktop:-:*:*:*:*:*:*:*",
"matchCriteriaId": "73443124-D7EA-4125-8B45-774D0DDD8896",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hp:pro_tower_290_g9_desktop_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "68754120-1B3F-49A1-B9C0-A7050F325A2D",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hp:pro_tower_290_g9_desktop:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EBBDA484-C171-4E0A-9DA6-FD0AC3926E1C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hp:pro_tower_zhan_99_g9_desktop_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "626D4144-4573-4BC7-A90F-7F2F382E8BE1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hp:pro_tower_zhan_99_g9_desktop:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FD535049-4136-4209-BA00-129DD221D2D9",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hp:proone_240_g10_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3536C31F-3ACA-406C-A71B-3C52E7309859",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hp:proone_240_g10:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DE346033-6077-4DB4-9D33-67F3B8740846",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hp:proone_240_g9_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B307ECF9-2602-418F-B2B0-DEE5B2430A82",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hp:proone_240_g9:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D716B903-6C32-4CA6-ACF9-97C2009545CB",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hp:proone_440_g3_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A1966769-CC94-4A17-8CF2-53CCAA70EDA0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hp:proone_440_g3:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AD6B59D9-BC7D-462D-82CF-ACB37611A014",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hp:proone_490_g3_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1318D35C-1B13-4CFE-910F-EDA69D9DC723",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hp:proone_490_g3:-:*:*:*:*:*:*:*",
"matchCriteriaId": "40AFDED7-7EBB-4B16-9AFB-6D692ECCC504",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hp:proone_496_g3_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "41600C3D-012D-4100-88A4-009DE4CD981C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hp:proone_496_g3:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D0B70E73-B2D6-46A6-B4EA-1F2673A9F20C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hp:z_vr_backpack_g1_workstation_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "402FA585-D7C8-4F5C-BECC-1AD9A988DA9B",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hp:z_vr_backpack_g1_workstation:-:*:*:*:*:*:*:*",
"matchCriteriaId": "97110C07-D287-47A7-B1E3-9E3A1BDF9E9A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hp:zhan_86_pro_g2_microtower_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7796F3E3-652D-4A67-A01B-B2923207D29D",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hp:zhan_86_pro_g2_microtower:-:*:*:*:*:*:*:*",
"matchCriteriaId": "66525D0D-D460-4822-9B94-CE2088E621C4",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hp:zhan_99_pro_g1_microtower_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C15BE4ED-7432-4932-A39C-03CC659F0B5B",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hp:zhan_99_pro_g1_microtower:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F481B7BE-667B-46CB-BEC5-BE033917C068",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A potential Time-of-Check to Time-of-Use (TOCTOU) vulnerability has been identified in certain HP PC products using AMI UEFI Firmware (system BIOS), which might allow arbitrary code execution. AMI has released updates to mitigate the potential vulnerability."
}
],
"id": "CVE-2023-26299",
"lastModified": "2024-11-21T07:51:05.217",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.0,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.0,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2023-06-30T16:15:09.543",
"references": [
{
"source": "hp-security-alert@hp.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://support.hp.com/us-en/document/ish_8642715-8642746-16/hpsbhf03850"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://support.hp.com/us-en/document/ish_8642715-8642746-16/hpsbhf03850"
}
],
"sourceIdentifier": "hp-security-alert@hp.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-367"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}