CVE-2023-5409

6.8MEDIUM

Key Information

Vendor
HP
Status
HP t430 and t638 Thin Clients
Vendor
CVE Published:
13 October 2023

Summary

HP is aware of a potential security vulnerability in HP t430 and t638 Thin Client PCs. These models may be susceptible to a physical attack, allowing an untrusted source to tamper with the system firmware using a publicly disclosed private key. HP is providing recommended guidance for customers to reduce exposure to the potential vulnerability.

Affected Version(s)

HP t430 and t638 Thin Clients <= See HP Security Bulletin for affected products.

Refferences

CVSS V3.1

Score:
6.8
Severity:
MEDIUM
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Physical
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

Collectors

NVD DatabaseMitre Database
.