CVE-2022-37019

EPSS 0.13%
Veröffentlicht 10.06.2024 23:15:49
Zuletzt bearbeitet 14.01.2026 16:40:14
Quelle hp-security-alert@hp.com
CVE-Watchlists
Login
Unerledigt
Login

Potential vulnerabilities have been identified in the system BIOS for certain HP PC products which may allow escalation of privileges and code execution.  HP is releasing firmware updates to mitigate the potential vulnerabilities.

Betroffene Produkte Warnungen 0 Metriken 2 CWE 1 Referenzen 4

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Hp ≫ Elite Slice Firmware Version < 00.02.64

Hp ≫ Elite Slice Version-

Hp ≫ Elite Slice For Meeting Rooms Firmware Version < 00.02.64

Hp ≫ Elite Slice For Meeting Rooms Version-

Hp ≫ Elitebook 1040 G3 Firmware Version < 01.62

Hp ≫ Elitebook 1040 G3 Version-

Hp ≫ Elitebook 820 G3 Firmware Version < 01.62

Hp ≫ Elitebook 820 G3 Version-

Hp ≫ Elitebook 828 G3 Firmware Version < 01.62

Hp ≫ Elitebook 828 G3 Version-

Hp ≫ Elitebook 840 G3 Firmware Version < 01.62

Hp ≫ Elitebook 840 G3 Version-

Hp ≫ Elitebook 848 G3 Firmware Version < 01.62

Hp ≫ Elitebook 848 G3 Version-

Hp ≫ Elitebook 850 G3 Firmware Version < 01.62

Hp ≫ Elitebook 850 G3 Version-

Hp ≫ Elitebook Folio G1 Firmware Version < 01.62

Hp ≫ Elitebook Folio G1 Version-

Hp ≫ Elitedesk 800 35w G2 Desktop Mini Pc Firmware Version < 00.02.63

Hp ≫ Elitedesk 800 35w G2 Desktop Mini Pc Version-

Hp ≫ Elitedesk 800 65w G2 Desktop Mini Pc Firmware Version < 00.02.63

Hp ≫ Elitedesk 800 65w G2 Desktop Mini Pc Version-

Hp ≫ Mp9 G2 Retail System Firmware Version < 02.63

Hp ≫ Mp9 G2 Retail System Version-

Hp ≫ Probook 440 G3 Firmware Version < 1.62

Hp ≫ Probook 440 G3 Version-

Hp ≫ Probook 446 G3 Firmware Version < 1.62

Hp ≫ Probook 446 G3 Version-

Hp ≫ Probook 470 G3 Firmware Version < 1.62

Hp ≫ Probook 470 G3 Version-

Hp ≫ Probook 640 G2 Firmware Version < 1.62

Hp ≫ Probook 640 G2 Version-

Hp ≫ Probook 650 G2 Firmware Version < 1.62

Hp ≫ Probook 650 G2 Version-

Hp ≫ Rp9 G1 Retail System Firmware Version < 02.64

Hp ≫ Rp9 G1 Retail System Version-

Hp ≫ Z2 Mini G3 Workstation Firmware Version < 01.91

Hp ≫ Z2 Mini G3 Workstation Version-

Hp ≫ Z238 Microtower Workstation Firmware Version < 01.91

Hp ≫ Z238 Microtower Workstation Version-

Hp ≫ Z240 Small Form Factor Workstation Firmware Version < 01.91

Hp ≫ Z240 Small Form Factor Workstation Version-

Hp ≫ Z240 Tower Workstation Firmware Version < 01.91

Hp ≫ Z240 Tower Workstation Version-

Hp ≫ Zbook 15 G3 Firmware Version < 1.62

Hp ≫ Zbook 15 G3 Version-

Hp ≫ Zbook 15u G3 Firmware Version < 1.62

Hp ≫ Zbook 15u G3 Version-

Hp ≫ Zbook 17 G3 Firmware Version < 1.62

Hp ≫ Zbook 17 G3 Version-

Hp ≫ Zbook Studio G3 Firmware Version < 1.62

Hp ≫ Zbook Studio G3 Version-

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.13%	0.324

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
134c704f-9b21-4f2e-91b3-4a467353bcc0	6.8	2.5	4.2	CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:L

CWE-269 Improper Privilege Management

The product does not properly assign, modify, track, or check privileges for an actor, creating an unintended sphere of control for that actor.

https://support.hp.com/us-en/document/ish_10737430-10737454-16/hpsbhf03943

Vendor Advisory

https://nvd.nist.gov/vuln/detail/CVE-2022-37019

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2022-37019

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2022-37019

EUVD