Elevation of Privilege in HP PC Hardware Diagnostics and Related Products
CVE-2023-32673

9.8CRITICAL

Key Information:

Vendor: HP
Status: HP PC Hardware Diagnostics Windows, HP Image Assistant, and HP Thunderbolt Dock G2 Firmware
Vendor: CVE Published:; 12 June 2023

What is CVE-2023-32673?

Certain versions of HP PC Hardware Diagnostics for Windows, HP Image Assistant, and HP Thunderbolt Dock G2 Firmware are susceptible to a vulnerability that allows elevation of privilege. This issue could enable an attacker to gain elevated permissions on vulnerable systems, potentially compromising the integrity and confidentiality of sensitive data. It is crucial for users of these products to remain vigilant and apply necessary updates to mitigate potential risks. For more information, refer to the official HP support documentation.

Affected Version(s)

HP PC Hardware Diagnostics Windows, HP Image Assistant, and HP Thunderbolt Dock G2 Firmware See HP Security Bulletin reference for affected versions.

References

https://support.hp.com/us-en/document/ish_8128401-8128440...

CVSS V3.1

Score:

9.8

Severity:

CRITICAL

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jun 12, 2023
Vulnerability Reserved
May 11, 2023