CVE-2024-5477
7.3
CVSS:4.0/AV:P/AC:H/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H
Summary
A potential security vulnerability has been identified in the System BIOS for some HP PC products which may allow escalation of privilege, arbitrary code execution, denial of service, or information disclosure via a physical attack that requires specialized equipment and knowledge. HP is releasing firmware mitigation for the potential vulnerability.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| HP Inc. | Certain HP PC Products | See HP Security Bulletin reference for affected versions. | affected |
Weaknesses
- CWE-1256: CWE-1256 - Improper Restriction of Software and Firmware Updates
ADP Enrichment
CISA ADP Vulnrichment
- SSVC:
- Exploitation: none
- Automatable: no
- Technical Impact: total
References
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.