HP BIOS Vulnerability Could Lead to Arbitrary Code Execution, Denial of Service, and Information Disclosure
CVE-2022-27540
Currently unrated
Summary
A Time-of-Check to Time-of-Use (TOCTOU) vulnerability has been detected within the HP BIOS, affecting certain HP PC products. This issue could potentially be exploited to enable arbitrary code execution, leading to unauthorized actions on the affected systems. Additionally, it poses a risk of denial of service attacks which could render devices inoperative, as well as allowing for the possibility of sensitive information disclosure. HP has acknowledged this vulnerability and is in the process of releasing BIOS updates to resolve these security concerns.
Affected Version(s)
HP PC BIOS See HP Security Bulletin reference for affected versions.
References
Timeline
Vulnerability published
Vulnerability Reserved