CVE-2022-31635

7.8HIGH

Key Information

Vendor: HP
Status: HP Pc BiOS
Vendor: CVE Published:; 13 June 2023

Summary

Potential time-of-check to time-of-use (TOCTOU) vulnerabilities have been identified in the BIOS for certain HP PC products, which might allow arbitrary code execution, escalation of privilege, denial of service, and information disclosure.

Affected Version(s)

HP PC BIOS = See HP Security Bulletin reference for affected versions.

CVSS V3.1

Score:

7.8

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

High

Privileges Required:

Low

User Interaction:

None

Scope:

Changed

Timeline

Vulnerability published.
Jun 13, 2023
Vulnerability Reserved.
May 25, 2022

Collectors

NVD DatabaseMitre Database