CVE-2022-37018

EPSS 0.19%
Published 12.12.2022 13:15:12
Last modified 29.04.2025 05:15:41
Source hp-security-alert@hp.com
Teams watchlist Login
Open Login

A potential vulnerability has been identified in the system BIOS for certain HP PC products which may allow escalation of privileges and code execution. HP is releasing firmware updates to mitigate the potential vulnerability.

Affected products Warnungen 0 Metrics 3 CWE 1 References 4

Data is provided by the National Vulnerability Database (NVD)

Hp ≫ Z1 G3 Firmware Version < 01.33

Hp ≫ Z1 G3 Version-

Hp ≫ Z2 Mini G3 Firmware Version < 01.85

Hp ≫ Z2 Mini G3 Version-

Hp ≫ Z238 Microtower Firmware Version < 01.85

Hp ≫ Z238 Microtower Version-

Hp ≫ Z240 Sff Firmware Version < 01.85

Hp ≫ Z240 Sff Version-

Hp ≫ Z240 Tower Firmware Version < 01.85

Hp ≫ Z240 Tower Version-

Hp ≫ Engage One Aio System Firmware Version < 02.44

Hp ≫ Engage One Aio System Version-

Hp ≫ Mp9 G2 Retail System Firmware Version < 02.59

Hp ≫ Mp9 G2 Retail System Version-

Hp ≫ Rp9 G1 Retail System Firmware Version < 02.59

Hp ≫ Rp9 G1 Retail System Version-

Hp ≫ Elite Slice Firmware Version < 02.59

Hp ≫ Elite Slice Version-

Hp ≫ Elitedesk 800 35w G2 Desktop Mini Pc Firmware Version < 02.59

Hp ≫ Elitedesk 800 35w G2 Desktop Mini Pc Version-

Hp ≫ Elitedesk 800 35w G3 Desktop Mini Pc Firmware Version < 02.44

Hp ≫ Elitedesk 800 35w G3 Desktop Mini Pc Version-

Hp ≫ Elitedesk 800 65w G2 Desktop Mini Pc Firmware Version < 02.59

Hp ≫ Elitedesk 800 65w G2 Desktop Mini Pc Version-

Hp ≫ Elitedesk 800 65w G3 Desktop Mini Pc Firmware Version < 02.44

Hp ≫ Elitedesk 800 65w G3 Desktop Mini Pc Version-

Hp ≫ Elitedesk 800 G2 Sff Firmware Version < 02.59

Hp ≫ Elitedesk 800 G2 Sff Version-

Hp ≫ Eliteone 800 G2 Aio Firmware Version < 02.59

Hp ≫ Eliteone 800 G2 Aio Version-

Hp ≫ Eliteone 800 G3 Firmware Version < 02.44

Hp ≫ Eliteone 800 G3 Version-

Hp ≫ Prodesk 400 G3 Dm Firmware Version < 02.44

Hp ≫ Prodesk 400 G3 Dm Version-

Hp ≫ Prodesk 400 G4 Microtower Firmware Version < 02.44

Hp ≫ Prodesk 400 G4 Microtower Version-

Hp ≫ Prodesk 400 G4 Sff Firmware Version < 02.44

Hp ≫ Prodesk 400 G4 Sff Version-

Hp ≫ Prodesk 480 G4 Microtower Pc Firmware Version < 02.44

Hp ≫ Prodesk 480 G4 Microtower Pc Version-

Hp ≫ Prodesk 600 G2 Dm Firmware Version < 02.59

Hp ≫ Prodesk 600 G2 Dm Version-

Hp ≫ Prodesk 600 G2 Microtower Pc Firmware Version < 02.59

Hp ≫ Prodesk 600 G2 Microtower Pc Version-

Hp ≫ Prodesk 600 G2 Sff Firmware Version < 02.59

Hp ≫ Prodesk 600 G2 Sff Version-

Hp ≫ Prodesk 600 G3 Desktop Mini Firmware Version < 02.44

Hp ≫ Prodesk 600 G3 Desktop Mini Version-

Hp ≫ Prodesk 600 G3 Microtower Pc Firmware Version < 02.44

Hp ≫ Prodesk 600 G3 Microtower Pc Version-

Hp ≫ Prodesk 600 G3 Sff Firmware Version < 02.44

Hp ≫ Prodesk 600 G3 Sff Version-

Hp ≫ Prodesk 680 G2 Microtower Pc Firmware Version < 02.59

Hp ≫ Prodesk 680 G2 Microtower Pc Version-

Hp ≫ Prodesk 680 G3 Microtower Pc Firmware Version < 02.44

Hp ≫ Prodesk 680 G3 Microtower Pc Version-

Hp ≫ Proone 400 G2 Aio Firmware Version < 02.59

Hp ≫ Proone 400 G2 Aio Version-

Hp ≫ Proone 400 G3 Aio Firmware Version < 02.44

Hp ≫ Proone 400 G3 Aio Version-

Hp ≫ Proone 480 G3 Firmware Version < 02.44

Hp ≫ Proone 480 G3 Version-

Hp ≫ Proone 600 G2 Aio Firmware Version < 02.59

Hp ≫ Proone 600 G2 Aio Version-

Hp ≫ Proone 600 G3 Firmware Version < 02.44

Hp ≫ Proone 600 G3 Version-

Hp ≫ Elite X2 1012 G1 Firmware Version < 01.58

Hp ≫ Elite X2 1012 G1 Version-

Hp ≫ Elite X2 1012 G2 Firmware Version < 01.44

Hp ≫ Elite X2 1012 G2 Version-

Hp ≫ Elitebook 1030 G1 Firmware Version < 01.58

Hp ≫ Elitebook 1030 G1 Version-

Hp ≫ Elitebook 1040 G3 Firmware Version < 01.58

Hp ≫ Elitebook 1040 G3 Version-

Hp ≫ Elitebook 1040 G4 Firmware Version < 01.44

Hp ≫ Elitebook 1040 G4 Version-

Hp ≫ Elitebook 820 G3 Firmware Version < 01.58

Hp ≫ Elitebook 820 G3 Version-

Hp ≫ Elitebook 820 G4 Firmware Version < 01.44

Hp ≫ Elitebook 820 G4 Version-

Hp ≫ Elitebook 828 G3 Firmware Version < 01.58

Hp ≫ Elitebook 828 G3 Version-

Hp ≫ Elitebook 828 G4 Firmware Version < 01.44

Hp ≫ Elitebook 828 G4 Version-

Hp ≫ Elitebook 840 G3 Firmware Version < 01.58

Hp ≫ Elitebook 840 G3 Version-

Hp ≫ Elitebook 840 G4 Firmware Version < 01.44

Hp ≫ Elitebook 840 G4 Version-

Hp ≫ Elitebook 848 G3 Firmware Version < 01.58

Hp ≫ Elitebook 848 G3 Version-

Hp ≫ Elitebook 848 G4 Firmware Version < 01.44

Hp ≫ Elitebook 848 G4 Version-

Hp ≫ Elitebook 850 G3 Firmware Version < 01.58

Hp ≫ Elitebook 850 G3 Version-

Hp ≫ Elitebook 850 G4 Firmware Version < 01.44

Hp ≫ Elitebook 850 G4 Version-

Hp ≫ Elitebook Folio G1 Firmware Version < 01.58

Hp ≫ Elitebook Folio G1 Version-

Hp ≫ Elitebook X360 1020 G2 Firmware Version < 01.44

Hp ≫ Elitebook X360 1020 G2 Version-

Hp ≫ Elitebook X360 1030 G2 Firmware Version < 01.44

Hp ≫ Elitebook X360 1030 G2 Version-

Hp ≫ Probook 11 G2 Firmware SwEditioneducation Version < 01.58

Hp ≫ Probook 11 G2 Version- SwEditioneducation

Hp ≫ Pro X2 612 G2 Firmware Version < 01.44

Hp ≫ Pro X2 612 G2 Version-

Hp ≫ Probook 430 G4 Firmware Version < 01.44

Hp ≫ Probook 430 G4 Version-

Hp ≫ Probook 440 G3 Firmware Version < 01.58

Hp ≫ Probook 440 G3 Version-

Hp ≫ Probook 440 G4 Firmware Version < 01.44

Hp ≫ Probook 440 G4 Version-

Hp ≫ Probook 446 G3 Firmware Version < 01.58

Hp ≫ Probook 446 G3 Version-

Hp ≫ Probook 450 G4 Firmware Version < 01.44

Hp ≫ Probook 450 G4 Version-

Hp ≫ Probook 470 G3 Firmware Version < 01.58

Hp ≫ Probook 470 G3 Version-

Hp ≫ Probook 470 G4 Firmware Version < 01.44

Hp ≫ Probook 470 G4 Version-

Hp ≫ Probook 640 G2 Firmware Version < 01.58

Hp ≫ Probook 640 G2 Version-

Hp ≫ Probook 640 G3 Firmware Version < 01.44

Hp ≫ Probook 640 G3 Version-

Hp ≫ Probook 650 G2 Firmware Version < 01.58

Hp ≫ Probook 650 G2 Version-

Hp ≫ Probook 650 G3 Firmware Version < 01.44

Hp ≫ Probook 650 G3 Version-

Hp ≫ Probook X360 11 G2 Firmware SwEditioneducation Version < 1.46

Hp ≫ Probook X360 11 G2 Version- SwEditioneducation

Hp ≫ Zbook 14u G4 Firmware Version < 01.44

Hp ≫ Zbook 14u G4 Version-

Hp ≫ Zbook 15 G3 Firmware Version < 01.58

Hp ≫ Zbook 15 G3 Version-

Hp ≫ Zbook 15 G4 Firmware Version < 01.44

Hp ≫ Zbook 15 G4 Version-

Hp ≫ Zbook 15u G3 Firmware Version < 01.58

Hp ≫ Zbook 15u G3 Version-

Hp ≫ Zbook 15u G4 Firmware Version < 01.44

Hp ≫ Zbook 15u G4 Version-

Hp ≫ Zbook 17 G3 Firmware Version < 01.58

Hp ≫ Zbook 17 G3 Version-

Hp ≫ Zbook 17 G4 Firmware Version < 01.44

Hp ≫ Zbook 17 G4 Version-

Hp ≫ Zbook Studio G3 Firmware Version < 01.58

Hp ≫ Zbook Studio G3 Version-

Hp ≫ Zbook Studio G4 Firmware Version < 01.44

Hp ≫ Zbook Studio G4 Version-

Hp ≫ Zbook Studio X2 G4 Firmware Version < 01.44

Hp ≫ Zbook Studio X2 G4 Version-

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	0.19%	0.41

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string
nvd@nist.gov	8.4	2.5	5.9	CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
134c704f-9b21-4f2e-91b3-4a467353bcc0	8.4	2.5	5.9	CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CWE-276 Incorrect Default Permissions

During installation, installed file permissions are set to allow anyone to modify those files.

https://support.hp.com/us-en/document/ish_7191946-7191970-16/hpsbhf03820

Patch

Vendor Advisory

https://nvd.nist.gov/vuln/detail/CVE-2022-37018

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2022-37018

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2022-37018

EUVD