All the vulnerabilites related to hp - desktop_pro_a_g2_firmware
cve-2022-43779
Vulnerability from cvelistv5
Published
2023-02-03 16:42
Modified
2024-08-03 13:40
Severity ?
EPSS score ?
Summary
A potential Time-of-Check to Time-of-Use (TOCTOU) vulnerability has been identified in certain HP PC products using AMI UEFI Firmware (system BIOS) which might allow arbitrary code execution, denial of service, and information disclosure. AMI has released updates to mitigate the potential vulnerability.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | HP Inc. | HP PC products using AMI UEFI Firmware |
Version: See HP Security Bulletin reference for affected versions. |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T13:40:06.295Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://support.hp.com/us-en/document/ish_7394557-7394585-16/hpsbhf03829"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "HP PC products using AMI UEFI Firmware",
"vendor": "HP Inc.",
"versions": [
{
"status": "affected",
"version": "See HP Security Bulletin reference for affected versions."
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A potential Time-of-Check to Time-of-Use (TOCTOU) vulnerability has been identified in certain HP PC products using AMI UEFI Firmware (system BIOS) which might allow arbitrary code execution, denial of service, and information disclosure. AMI has released updates to mitigate the potential vulnerability."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-02-12T01:45:42.615671Z",
"orgId": "74586083-13ce-40fd-b46a-8e5d23cfbcb2",
"shortName": "hp"
},
"references": [
{
"url": "https://support.hp.com/us-en/document/ish_7394557-7394585-16/hpsbhf03829"
}
],
"x_generator": {
"engine": "cveClient/1.0.13"
}
}
},
"cveMetadata": {
"assignerOrgId": "74586083-13ce-40fd-b46a-8e5d23cfbcb2",
"assignerShortName": "hp",
"cveId": "CVE-2022-43779",
"datePublished": "2023-02-03T16:42:10.283Z",
"dateReserved": "2022-10-26T14:39:32.656Z",
"dateUpdated": "2024-08-03T13:40:06.295Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
Vulnerability from fkie_nvd
Published
2023-02-12 04:15
Modified
2024-11-21 07:27
Severity ?
Summary
A potential Time-of-Check to Time-of-Use (TOCTOU) vulnerability has been identified in certain HP PC products using AMI UEFI Firmware (system BIOS) which might allow arbitrary code execution, denial of service, and information disclosure. AMI has released updates to mitigate the potential vulnerability.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| hp-security-alert@hp.com | https://support.hp.com/us-en/document/ish_7394557-7394585-16/hpsbhf03829 | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://support.hp.com/us-en/document/ish_7394557-7394585-16/hpsbhf03829 | Patch, Vendor Advisory |
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hp:348_g4_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "FEE153A6-4830-4AFE-8686-7A565DA17AC8",
"versionEndExcluding": "f.65",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hp:348_g4:-:*:*:*:*:*:*:*",
"matchCriteriaId": "49DAEC47-59F9-4DB5-9A7D-99ED68DE702E",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hp:260_g2_desktop_mini_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "557E5418-A72F-4C32-A8A5-0BA2E6D86F76",
"versionEndExcluding": "2.26",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hp:260_g2_desktop_mini:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B46A5A35-548C-4D8A-8615-155BE636D0DA",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hp:218_pro_g5_mt_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A8BC161C-763B-4245-92FA-DD3409C2CEBD",
"versionEndExcluding": "f15",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hp:218_pro_g5_mt:-:*:*:*:*:*:*:*",
"matchCriteriaId": "611B7336-44A2-4A6A-94A2-9C6A55E6B878",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hp:260_g3_desktop_mini_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "28D3AFD7-5EC1-49CB-8940-31D54D34145D",
"versionEndExcluding": "02.20.00",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hp:260_g3_desktop_mini:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F5AFD7D7-554B-426F-873E-F240A34C1178",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hp:260_g4_desktop_mini_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3FE54A16-C1C9-4316-944B-185EB5DD8137",
"versionEndExcluding": "02.12.00",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hp:260_g4_desktop_mini:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B1A3C361-80EC-4776-9949-3CB5B4319A65",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hp:280_g3_microtower_pc_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F89E8E31-A6D5-41E8-B7DC-8B12EDD10689",
"versionEndExcluding": "02.02.40",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hp:280_g3_microtower_pc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F80CC04F-9AAE-47B6-9F6D-A20E7FB58D57",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hp:280_g3_pci_microtower_pc_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "BF066652-0581-4C5A-AF12-0D1425C70B26",
"versionEndExcluding": "02.02.40",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hp:280_g3_pci_microtower_pc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6488C91D-C3B6-4DBC-AB84-66C034F12F85",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hp:288_pro_g3_microtower_pc_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "592EF5D6-CC6D-4AB5-9E9D-D1505D01043D",
"versionEndExcluding": "00.02.40",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hp:288_pro_g3_microtower_pc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A33680A7-EB8D-45A4-8F3D-C7D1657471B5",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hp:290_g1_microtower_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F87FB74C-93C1-42D5-99CC-955C84CAB676",
"versionEndExcluding": "00.02.40",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hp:290_g1_microtower:-:*:*:*:*:*:*:*",
"matchCriteriaId": "916FDAB3-6BE7-4783-BCDA-03519A090755",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hp:desktop_pro_300_g3_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B5E0D0B3-B543-43A0-BAE4-26D6360C1112",
"versionEndExcluding": "f15",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hp:desktop_pro_300_g3:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CC1CA282-C10A-450C-AC5C-7D4DB28B7769",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hp:desktop_pro_a_300_g3_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9C4A67C7-3B7F-4AB5-BC59-FC9C1DAC92F6",
"versionEndExcluding": "f12",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hp:desktop_pro_a_300_g3:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CC252085-28AD-4B4B-B3F2-46A79EC4454E",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hp:desktop_pro_a_g2_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7C7D086F-37FD-4E6C-850F-84C6A1F82716",
"versionEndExcluding": "f.11",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hp:desktop_pro_a_g2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1B71FF05-319E-4AF9-898A-535C47296918",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hp:desktop_pro_a_g2_microtower_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D7F4D44A-229F-4F20-A428-752C5C3653B0",
"versionEndExcluding": "f.11",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hp:desktop_pro_a_g2_microtower:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2F2483BA-E501-46EE-9E65-A3B80A3354C9",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hp:desktop_pro_a_g3_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C92281F0-A9A6-4A91-A476-D2297F19C9EB",
"versionEndExcluding": "f12",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hp:desktop_pro_a_g3:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AEB20EDC-6674-40ED-8A47-B742837D1E29",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hp:desktop_pro_a_g3_microtower_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CEC30EED-1990-4D47-B1CD-1FB7E62BBC6E",
"versionEndExcluding": "f12",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hp:desktop_pro_a_g3_microtower:-:*:*:*:*:*:*:*",
"matchCriteriaId": "37108B1D-2BED-42D6-87A4-596E75FB645F",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hp:desktop_pro_g3_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F9E162B6-B3F4-4F58-91ED-186EC919D928",
"versionEndExcluding": "f15",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hp:desktop_pro_g3:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BABA54B2-6DD5-4CEE-A0DF-5C7B498E38BF",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hp:desktop_pro_g3_microtower_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B0253ED0-B9FF-4050-8F6F-9D0A65511BB5",
"versionEndExcluding": "f15",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hp:desktop_pro_g3_microtower:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1DE0F273-92B2-448A-B8F1-7EB1F132B74A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hp:desktop_pro_microtower_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8053C388-2231-4DDB-AF1D-84A73FAE9925",
"versionEndExcluding": "00.02.40",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hp:desktop_pro_microtower:-:*:*:*:*:*:*:*",
"matchCriteriaId": "260A0E1E-1B35-43A1-B0AF-696942DCC932",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hp:zhan_66_pro_a_g1_microtower_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3976A254-EA9D-4976-B041-98F1F8DA6130",
"versionEndExcluding": "f.11",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hp:zhan_66_pro_a_g1_microtower:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9B21CB1F-1AA7-4983-B89A-DB4F655F327B",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hp:zhan_66_pro_a_g1_r_microtower_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A1289BC6-AFF4-4FCE-A3AA-D5D6037F7549",
"versionEndExcluding": "f12",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hp:zhan_66_pro_a_g1_r_microtower:-:*:*:*:*:*:*:*",
"matchCriteriaId": "39465F25-77A7-401E-A198-B052064AA241",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hp:zhan_66_pro_g1_r_microtower_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "10C50921-3336-47CF-BBC8-D94B924A29F8",
"versionEndExcluding": "f15",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hp:zhan_66_pro_g1_r_microtower:-:*:*:*:*:*:*:*",
"matchCriteriaId": "44F52B8E-14B4-4967-B243-DFDB7037E6EC",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hp:zhan_86_pro_g1_microtower_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "56BDBFDB-5E52-47C5-923A-9E5C24795261",
"versionEndExcluding": "00.02.40",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hp:zhan_86_pro_g1_microtower:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AACFA1BA-C08E-4659-B6A7-E957DDB72C36",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hp:rp2_retail_system_2000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "864FDD6C-D435-4C96-A882-62120DA6E1D0",
"versionEndExcluding": "2.24",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hp:rp2_retail_system_2000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "56681D4A-2D4B-495F-85E3-635F51E7A63D",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hp:rp2_retail_system_2020_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "ACDD5962-2CCE-45F6-97E3-1F962EBD938D",
"versionEndExcluding": "2.24",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hp:rp2_retail_system_2020:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9270F8AA-88E9-456C-A571-3D2DF1D06363",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hp:rp2_retail_system_2030_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "47F3C45A-3762-4EAB-BFC7-5D2EDD03D760",
"versionEndExcluding": "2.24",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hp:rp2_retail_system_2030:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BAC73F0F-09F9-4916-B0DD-DB69D6699CB2",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A potential Time-of-Check to Time-of-Use (TOCTOU) vulnerability has been identified in certain HP PC products using AMI UEFI Firmware (system BIOS) which might allow arbitrary code execution, denial of service, and information disclosure. AMI has released updates to mitigate the potential vulnerability."
}
],
"id": "CVE-2022-43779",
"lastModified": "2024-11-21T07:27:14.187",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.0,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.0,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2023-02-12T04:15:16.060",
"references": [
{
"source": "hp-security-alert@hp.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://support.hp.com/us-en/document/ish_7394557-7394585-16/hpsbhf03829"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://support.hp.com/us-en/document/ish_7394557-7394585-16/hpsbhf03829"
}
],
"sourceIdentifier": "hp-security-alert@hp.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-367"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}