Privilege Escalation Vulnerability in HP PC System BIOS
CVE-2022-37018

8.4HIGH

Key Information:

Vendor: HP
Status: HP Pc BiOS
Vendor: CVE Published:; 12 December 2022

Summary

A vulnerability has been identified in the system BIOS of certain HP PC products that could permit an attacker to escalate privileges and execute arbitrary code. This issue underscores the importance of applying timely firmware updates provided by HP to safeguard affected systems. The company has made firmware updates available to address this vulnerability, enhancing the overall security posture of its users.

Affected Version(s)

HP PC BIOS See HP Security Bulletin reference for affected versions.

References

https://support.hp.com/us-en/document/ish_7191946-7191970...

CVSS V3.1

Score:

8.4

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Dec 12, 2022
Vulnerability Reserved
Jul 28, 2022