CVE-2023-5409

6.8MEDIUM

Key Information

Vendor: HP
Status: HP t430 and t638 Thin Clients
Vendor: CVE Published:; 13 October 2023

Summary

HP is aware of a potential security vulnerability in HP t430 and t638 Thin Client PCs. These models may be susceptible to a physical attack, allowing an untrusted source to tamper with the system firmware using a publicly disclosed private key. HP is providing recommended guidance for customers to reduce exposure to the potential vulnerability.

Affected Version(s)

HP t430 and t638 Thin Clients <= See HP Security Bulletin for affected products.

CVSS V3.1

Score:

6.8

Severity:

MEDIUM

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Physical

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published.
Oct 13, 2023
Vulnerability Reserved.
Oct 4, 2023

Collectors

NVD DatabaseMitre Database