Vulnerabilites related to hp - 280_g5_firmware
cve-2023-26299
Vulnerability from cvelistv5
Published
2023-06-30 15:40
Modified
2024-12-04 16:06
Severity ?
EPSS score ?
Summary
A potential Time-of-Check to Time-of-Use (TOCTOU) vulnerability has been identified in certain HP PC products using AMI UEFI Firmware (system BIOS), which might allow arbitrary code execution. AMI has released updates to mitigate the potential vulnerability.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
▼ | HP Inc. | HP PC products using AMI UEFI Firmware |
Version: See HP Security Bulletin reference for affected versions. |
|
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-02T11:46:24.488Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://support.hp.com/us-en/document/ish_8642715-8642746-16/hpsbhf03850", }, ], title: "CVE Program Container", }, { metrics: [ { other: { content: { id: "CVE-2023-26299", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "total", }, ], role: "CISA Coordinator", timestamp: "2024-12-04T16:05:27.260359Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-12-04T16:06:16.624Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { product: "HP PC products using AMI UEFI Firmware", vendor: "HP Inc.", versions: [ { status: "affected", version: "See HP Security Bulletin reference for affected versions.", }, ], }, ], descriptions: [ { lang: "en", value: "A potential Time-of-Check to Time-of-Use (TOCTOU) vulnerability has been identified in certain HP PC products using AMI UEFI Firmware (system BIOS), which might allow arbitrary code execution. AMI has released updates to mitigate the potential vulnerability.", }, ], providerMetadata: { dateUpdated: "2023-06-30T15:40:10.380Z", orgId: "74586083-13ce-40fd-b46a-8e5d23cfbcb2", shortName: "hp", }, references: [ { url: "https://support.hp.com/us-en/document/ish_8642715-8642746-16/hpsbhf03850", }, ], x_generator: { engine: "cveClient/1.0.13", }, }, }, cveMetadata: { assignerOrgId: "74586083-13ce-40fd-b46a-8e5d23cfbcb2", assignerShortName: "hp", cveId: "CVE-2023-26299", datePublished: "2023-06-30T15:40:10.380Z", dateReserved: "2023-02-21T21:14:33.320Z", dateUpdated: "2024-12-04T16:06:16.624Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
Vulnerability from fkie_nvd
Published
2023-06-30 16:15
Modified
2024-11-21 07:51
Severity ?
Summary
A potential Time-of-Check to Time-of-Use (TOCTOU) vulnerability has been identified in certain HP PC products using AMI UEFI Firmware (system BIOS), which might allow arbitrary code execution. AMI has released updates to mitigate the potential vulnerability.
References
▼ | URL | Tags | |
---|---|---|---|
hp-security-alert@hp.com | https://support.hp.com/us-en/document/ish_8642715-8642746-16/hpsbhf03850 | Patch, Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://support.hp.com/us-en/document/ish_8642715-8642746-16/hpsbhf03850 | Patch, Vendor Advisory |
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:hp:260_g4_desktop_mini_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "2A22FB0D-69B1-4FDB-897E-6655D4DAB1A6", versionEndExcluding: "2.14", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:hp:260_g4_desktop_mini:-:*:*:*:*:*:*:*", matchCriteriaId: "B1A3C361-80EC-4776-9949-3CB5B4319A65", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:hp:t430_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "D9D1FB3A-EC66-4DA9-8590-798F8540C535", versionEndExcluding: "00.01.11", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:hp:t430:-:*:*:*:*:*:*:*", matchCriteriaId: "CA282389-B256-4E59-966A-F45533AB0D0E", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:hp:t628_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "833D2519-4340-4433-B0C0-4A832284E225", versionEndExcluding: "00.01.10", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:hp:t628:-:*:*:*:*:*:*:*", matchCriteriaId: "E211855B-CC97-4465-BB6B-6A21BE49EB8B", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:hp:240_g10_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "6A33B9BB-1078-4FE4-BE5B-979FACFDEFD2", versionEndExcluding: "f.04", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:hp:240_g10:-:*:*:*:*:*:*:*", matchCriteriaId: "228AB159-2035-4773-92C9-0B1A7C37E73A", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:hp:245_g6_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "D50716CA-7372-4C46-B97E-C371E98CC6CF", versionEndExcluding: "f.35", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:hp:245_g6:-:*:*:*:*:*:*:*", matchCriteriaId: "BC354FB1-6F4E-4024-88E3-1F0B9EB77E68", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:hp:245_g7_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "5F4A278A-B835-4502-BAB2-A96648ECE259", versionEndExcluding: "f.69", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:hp:245_g7:-:*:*:*:*:*:*:*", matchCriteriaId: "27CB115A-654B-40F2-AB3F-F1D676FE756D", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:hp:245_g8_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "E9CCDC7A-47B4-4687-B17D-2C1CB8F01E13", versionEndExcluding: "f.25", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:hp:245_g8:-:*:*:*:*:*:*:*", matchCriteriaId: "8848BD8C-43E0-4AC9-AA37-C27C909A469E", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:hp:247_g8_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "C968F11E-EA1E-42B0-9051-1387DF802D45", versionEndExcluding: "f.69", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:hp:247_g8:-:*:*:*:*:*:*:*", matchCriteriaId: "736C9B2B-A5F0-4563-A82D-3B505D38C2D4", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:hp:250_g10_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "F8B76F25-8713-49CD-AF80-82D58DF982AF", versionEndExcluding: "f.05", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:hp:250_g10:-:*:*:*:*:*:*:*", matchCriteriaId: "91114984-7DFD-47C2-A6B7-05CD9D0BB532", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:hp:255_g10_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "1F52095A-3E8B-471E-9E21-642C01C74273", versionEndExcluding: "f.08", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:hp:255_g10:-:*:*:*:*:*:*:*", matchCriteriaId: "006A02ED-2CFB-45DD-8481-0B3A13B0AB2F", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:hp:349_g7_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "C13930DF-BCF1-4413-BE0C-15C13D5E854F", versionEndExcluding: "f.28", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:hp:349_g7:-:*:*:*:*:*:*:*", matchCriteriaId: "83CABB74-43CD-4FD2-A17E-CC073E8FF830", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:hp:470_g10_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "F5184184-486E-4904-A516-9A80C2C3117E", versionEndExcluding: "f.02", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:hp:470_g10:-:*:*:*:*:*:*:*", matchCriteriaId: "B4FC06B5-340D-480B-9686-9F9463028A66", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:hp:470_g9_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "020CF0D0-9D10-4701-9243-CBAFF31741A1", versionEndExcluding: "f.05", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:hp:470_g9:-:*:*:*:*:*:*:*", matchCriteriaId: "B0B308D9-A986-4463-801F-A31AE190540F", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:hp:zhan_99_g2_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "243EEAE5-313A-4747-8556-5FCA66E0573A", versionEndExcluding: "f.24", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:hp:zhan_99_g2:-:*:*:*:*:*:*:*", matchCriteriaId: "A677B096-E4F2-424E-B06A-5B335FE0709A", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:hp:zhan_99_g4_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "E9A18242-A4EA-4E64-AAE9-7F7E91897557", versionEndExcluding: "f.08", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:hp:zhan_99_g4:-:*:*:*:*:*:*:*", matchCriteriaId: "DFFC67F1-A1EC-4BA8-86AF-567DC1272600", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:hp:vr_backpack_g2_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "95C468D7-7B09-4D14-ACFE-CDB8DC237E52", versionEndExcluding: "f.28", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:hp:vr_backpack_g2:-:*:*:*:*:*:*:*", matchCriteriaId: "73F034D5-E071-49D9-9DD0-084EE7B8DFD8", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:hp:200_g3_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "03BBAB9F-13D4-4C74-A42C-E2E27BAB0095", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:hp:200_g3:-:*:*:*:*:*:*:*", matchCriteriaId: "D353BB07-DBD5-4F2E-ADF2-DC2B61143957", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:hp:200_g4_22_all-in-one_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "9FA17105-B074-4FCB-AE8E-678C9170147C", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:hp:200_g4_22_all-in-one:-:*:*:*:*:*:*:*", matchCriteriaId: "D21E8CA6-8A44-4EA9-936C-2F52555890B9", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:hp:200_pro_g4_22_all-in-one_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "FA839908-F2C3-4E0B-BA55-F8B11748D170", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:hp:200_pro_g4_22_all-in-one:-:*:*:*:*:*:*:*", matchCriteriaId: "6059F9B7-B1CA-4B6B-BB0D-067F6D47E9D4", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:hp:205_g4_22_all-in-one_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "CB3076D2-920B-4AE9-A9B0-4A32D31A5DE8", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:hp:205_g4_22_all-in-one:-:*:*:*:*:*:*:*", matchCriteriaId: "8AF306D8-ABBF-4045-8D9F-AA16AD0C820E", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:hp:205_pro_g4_22_all-in-one_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "816EB4BC-CB1E-498B-8FF4-1BE29C24E1ED", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:hp:205_pro_g4_22_all-in-one:-:*:*:*:*:*:*:*", matchCriteriaId: "2A9A1E4E-CA39-4869-B383-3C434617948B", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:hp:280_g3_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "3EEB9916-0DDB-477F-8D0F-3875F502C11B", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:hp:280_g3:-:*:*:*:*:*:*:*", matchCriteriaId: "191FF108-74AD-4EE6-8785-F634A6CED90B", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:hp:280_g4_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "24675A82-C3F9-4781-93F9-79883AEEE53B", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:hp:280_g4:-:*:*:*:*:*:*:*", matchCriteriaId: "24DD2AF3-8883-48B8-877C-F63176543203", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:hp:280_g4_microtower_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "4838645F-D633-4043-B1D6-01F6070FD080", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:hp:280_g4_microtower:-:*:*:*:*:*:*:*", matchCriteriaId: "14AFEF3F-A93D-4042-88AA-F68F5F67C009", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:hp:280_g5_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "92D0C1E9-95E0-4DD4-ADF0-645B4384E487", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:hp:280_g5:-:*:*:*:*:*:*:*", matchCriteriaId: "F3FADF9F-1929-47C7-B75D-8F14C45B09B5", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:hp:280_g5_small_form_factor_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "6397DB7D-5349-46AB-BB52-83B7E8EA461F", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:hp:280_g5_small_form_factor:-:*:*:*:*:*:*:*", matchCriteriaId: "4CF85CB9-B797-4E6C-ABEF-67392DCD48B6", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:hp:280_g6_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "B7E617F9-C3BB-4D34-8181-487EEB199F8B", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:hp:280_g6:-:*:*:*:*:*:*:*", matchCriteriaId: "579D1565-CA10-4A4E-A2E8-16004A78C89A", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:hp:280_g8_microtower_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "85F267F4-FA76-4592-9038-BB217C9EEBBC", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:hp:280_g8_microtower:-:*:*:*:*:*:*:*", matchCriteriaId: "26A0906A-8EE8-47D1-BFDA-EC04909A3829", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:hp:280_pro_g3_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "D0925537-5738-4DDE-8F1A-F492C186002B", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:hp:280_pro_g3:-:*:*:*:*:*:*:*", matchCriteriaId: "59B822CD-5459-4AA0-98FD-7349685EA329", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:hp:280_pro_g4_microtower_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "665B81DE-B934-4F5B-8A0A-F429AF64BBA3", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:hp:280_pro_g4_microtower:-:*:*:*:*:*:*:*", matchCriteriaId: "9F045964-4BEA-4C71-939F-7FBC437BD7BD", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:hp:280_pro_g5_small_form_factor_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "EAAC266B-C17C-453A-8D32-C45CE044E147", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:hp:280_pro_g5_small_form_factor:-:*:*:*:*:*:*:*", matchCriteriaId: "C140BECB-6F01-4D79-8D03-E8B8A42824AA", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:hp:282_g5_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "0D2BB8A0-FFDF-4696-9ACD-FF832C6C402F", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:hp:282_g5:-:*:*:*:*:*:*:*", matchCriteriaId: "71218FF2-460D-49D1-812F-D8C08BF510E9", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:hp:282_g6_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "8374038D-3316-4C15-B1B9-C2F0B3537A05", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:hp:282_g6:-:*:*:*:*:*:*:*", matchCriteriaId: "F5BA71E2-BE32-4563-AC07-BDF826B9C4D6", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:hp:282_pro_g4_microtower_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "4A82B799-EC08-484F-800F-8EB4FFB085AF", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:hp:282_pro_g4_microtower:-:*:*:*:*:*:*:*", matchCriteriaId: "0476E463-DA4D-4F20-BEDF-B93D3ABC1B14", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:hp:288_g5_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "B3F7E602-8A96-446D-BDE6-7D7133B09EE2", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:hp:288_g5:-:*:*:*:*:*:*:*", matchCriteriaId: "A3D7B1D8-A3D0-47B0-8A22-A3608892D03E", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:hp:288_g6_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "8939A9F6-D5B6-4265-90DE-652896D582F6", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:hp:288_g6:-:*:*:*:*:*:*:*", matchCriteriaId: "B5E8F7C6-45F0-476F-BE22-B8D602B91627", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:hp:288_pro_g4_microtower_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "39C32033-1E8E-4FAB-A1A5-1B85AF4FA510", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:hp:288_pro_g4_microtower:-:*:*:*:*:*:*:*", matchCriteriaId: "D9211352-0EE0-48D9-939C-9C47F3F47EC5", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:hp:290_g1_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "4CD062EA-F9AE-4619-9679-E63811DCF240", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:hp:290_g1:-:*:*:*:*:*:*:*", matchCriteriaId: "39ADF234-B2E7-4B33-AC6E-A2442A2E959F", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:hp:290_g2_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "046E517C-A766-4064-97E0-EF92686530A0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:hp:290_g2:-:*:*:*:*:*:*:*", matchCriteriaId: "066B771F-9486-4B18-8856-BB75A7DC24A3", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:hp:290_g2_microtower_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "43C0AC26-6193-4DEF-AF5E-935877959923", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:hp:290_g2_microtower:-:*:*:*:*:*:*:*", matchCriteriaId: "BA3884D2-D337-447B-8E5C-30722138B55B", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:hp:290_g3_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "929FE0E8-714C-434C-A0FC-EA921554C13C", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:hp:290_g3:-:*:*:*:*:*:*:*", matchCriteriaId: "8CB6EBE6-94A6-4611-8DD1-5E8E23EA4197", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:hp:290_g3_small_form_factor_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "B3686518-AB17-402A-8337-5187ECD72071", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:hp:290_g3_small_form_factor:-:*:*:*:*:*:*:*", matchCriteriaId: "A10AFFDB-EDD2-4B49-B522-AA7E95698AFD", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:hp:290_g4_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "8C9EF20C-4517-4EE2-9FE4-3DB5400F82BA", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:hp:290_g4:-:*:*:*:*:*:*:*", matchCriteriaId: "9809B055-DCAF-4689-94F7-650BBA46143B", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:hp:desktop_pro_g1_microtower_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "B0B5A75E-F5FC-4BD6-BDF0-509BCDD74971", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:hp:desktop_pro_g1_microtower:-:*:*:*:*:*:*:*", matchCriteriaId: "990CA33B-0C50-4A33-AEB2-E9E0FF49D8C1", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:hp:pro_small_form_factor_280_g9_desktop_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "7446D646-07DC-4AC2-8FC3-C6A5BA7FA21C", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:hp:pro_small_form_factor_280_g9_desktop:-:*:*:*:*:*:*:*", matchCriteriaId: "ED86FB0B-00D5-46ED-BAFD-75F4F0711039", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:hp:pro_small_form_factor_290_g9_desktop_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "F4773020-D227-4209-BC02-0D61043CBD04", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:hp:pro_small_form_factor_290_g9_desktop:-:*:*:*:*:*:*:*", matchCriteriaId: "6B609D2A-EA4A-4630-9272-C04E0D89CAEB", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:hp:pro_small_form_factor_zhan_66_g9_desktop_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "E9A57584-8D85-4E32-A91A-34AD85CFFBED", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:hp:pro_small_form_factor_zhan_66_g9_desktop:-:*:*:*:*:*:*:*", matchCriteriaId: "E8073860-0FE3-4594-8208-185E10570979", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:hp:pro_tower_200_g9_desktop_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "108CB770-35B9-4E5E-93AC-B9CED1646118", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:hp:pro_tower_200_g9_desktop:-:*:*:*:*:*:*:*", matchCriteriaId: "9440CDEE-F9AE-48F6-ACA9-F52B5825B4D6", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:hp:pro_tower_280_g9_desktop_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "1E903A0B-606F-4838-A737-7F89642F5B15", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:hp:pro_tower_280_g9_desktop:-:*:*:*:*:*:*:*", matchCriteriaId: "73443124-D7EA-4125-8B45-774D0DDD8896", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:hp:pro_tower_290_g9_desktop_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "68754120-1B3F-49A1-B9C0-A7050F325A2D", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:hp:pro_tower_290_g9_desktop:-:*:*:*:*:*:*:*", matchCriteriaId: "EBBDA484-C171-4E0A-9DA6-FD0AC3926E1C", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:hp:pro_tower_zhan_99_g9_desktop_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "626D4144-4573-4BC7-A90F-7F2F382E8BE1", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:hp:pro_tower_zhan_99_g9_desktop:-:*:*:*:*:*:*:*", matchCriteriaId: "FD535049-4136-4209-BA00-129DD221D2D9", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:hp:proone_240_g10_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "3536C31F-3ACA-406C-A71B-3C52E7309859", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:hp:proone_240_g10:-:*:*:*:*:*:*:*", matchCriteriaId: "DE346033-6077-4DB4-9D33-67F3B8740846", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:hp:proone_240_g9_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "B307ECF9-2602-418F-B2B0-DEE5B2430A82", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:hp:proone_240_g9:-:*:*:*:*:*:*:*", matchCriteriaId: "D716B903-6C32-4CA6-ACF9-97C2009545CB", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:hp:proone_440_g3_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "A1966769-CC94-4A17-8CF2-53CCAA70EDA0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:hp:proone_440_g3:-:*:*:*:*:*:*:*", matchCriteriaId: "AD6B59D9-BC7D-462D-82CF-ACB37611A014", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:hp:proone_490_g3_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "1318D35C-1B13-4CFE-910F-EDA69D9DC723", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:hp:proone_490_g3:-:*:*:*:*:*:*:*", matchCriteriaId: "40AFDED7-7EBB-4B16-9AFB-6D692ECCC504", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:hp:proone_496_g3_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "41600C3D-012D-4100-88A4-009DE4CD981C", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:hp:proone_496_g3:-:*:*:*:*:*:*:*", matchCriteriaId: "D0B70E73-B2D6-46A6-B4EA-1F2673A9F20C", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:hp:z_vr_backpack_g1_workstation_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "402FA585-D7C8-4F5C-BECC-1AD9A988DA9B", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:hp:z_vr_backpack_g1_workstation:-:*:*:*:*:*:*:*", matchCriteriaId: "97110C07-D287-47A7-B1E3-9E3A1BDF9E9A", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:hp:zhan_86_pro_g2_microtower_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "7796F3E3-652D-4A67-A01B-B2923207D29D", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:hp:zhan_86_pro_g2_microtower:-:*:*:*:*:*:*:*", matchCriteriaId: "66525D0D-D460-4822-9B94-CE2088E621C4", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:hp:zhan_99_pro_g1_microtower_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "C15BE4ED-7432-4932-A39C-03CC659F0B5B", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:hp:zhan_99_pro_g1_microtower:-:*:*:*:*:*:*:*", matchCriteriaId: "F481B7BE-667B-46CB-BEC5-BE033917C068", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "A potential Time-of-Check to Time-of-Use (TOCTOU) vulnerability has been identified in certain HP PC products using AMI UEFI Firmware (system BIOS), which might allow arbitrary code execution. AMI has released updates to mitigate the potential vulnerability.", }, ], id: "CVE-2023-26299", lastModified: "2024-11-21T07:51:05.217", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "HIGH", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 7, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 1, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2023-06-30T16:15:09.543", references: [ { source: "hp-security-alert@hp.com", tags: [ "Patch", "Vendor Advisory", ], url: "https://support.hp.com/us-en/document/ish_8642715-8642746-16/hpsbhf03850", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Vendor Advisory", ], url: "https://support.hp.com/us-en/document/ish_8642715-8642746-16/hpsbhf03850", }, ], sourceIdentifier: "hp-security-alert@hp.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-367", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }