CVE-2017-2751

Summary

A BIOS password extraction vulnerability has been reported on certain consumer notebooks with firmware F.22 and others. The BIOS password was stored in CMOS in a way that allowed it to be extracted. This applies to consumer notebooks launched in early 2014.

Affected Software

VendorProductVersion RangeStatus
HP Inc.HP 240 G1 Notebook PC and certain other consumer notebooksF.22 and other firmware versionsaffected

Weaknesses

  • The BIOS password was stored in CMOS in a way that allowed it to be extracted

ADP Enrichment

CVE Program Container

Additional References

References