Arbitrary Code Execution Vulnerability in HP PC BIOS
CVE-2022-31645
7.8HIGH
Summary
Certain HP PC products may have vulnerabilities in their system BIOS that could enable an attacker to execute arbitrary code, potentially leading to unauthorized access or control over affected systems. These vulnerabilities could also allow attackers to escalate privileges, disrupt service, or disclose sensitive information. It's crucial for users and administrators to be aware of these risks and apply relevant updates and mitigations as soon as they are available.
Affected Version(s)
HP PC BIOS See HP Security Bulletin reference for affected versions.
References
CVSS V3.1
Score:
7.8
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Local
Attack Complexity:
Low
Privileges Required:
Low
User Interaction:
None
Scope:
Unchanged
Timeline
Vulnerability published
Vulnerability Reserved