CVE-2022-27541

7.8HIGH

Key Information

Vendor: HP
Status: HP Pc BiOS
Vendor: CVE Published:; 12 June 2023

Summary

Potential Time-of-Check to Time-of Use (TOCTOU) vulnerabilities have been identified in the HP BIOS for certain HP PC products which may allow arbitrary code execution, denial of service, and information disclosure.

Affected Version(s)

HP PC BIOS = See HP Security Bulletin reference for affected versions.

CVSS V3.1

Score:

7.8

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

High

Privileges Required:

Low

User Interaction:

None

Scope:

Changed

Timeline

Vulnerability published.
Jun 12, 2023
Vulnerability Reserved.
Mar 21, 2022

Collectors

NVD DatabaseMitre Database