CVE-2022-37020
6.8
Vector
CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:L
Exploitability: 2.5 / Impact: 4.2
Source: 134c704f-9b21-4f2e-91b3-4a467353bcc0 (Secondary)
Description
Potential vulnerabilities have been identified in the system BIOS for certain HP PC products, which might allow escalation of privileges and code execution. HP is releasing firmware updates to mitigate the potential vulnerabilities.
Affected (26)
Products: Hp: Elite Slice Firmware, Elite Slice For Meeting Rooms Firmware, Elitebook 1040 G3 Firmware, Elitebook 820 G3 Firmware, Elitebook 828 G3 Firmware, Elitebook 840 G3 Firmware, Elitebook 848 G3 Firmware, Elitebook 850 G3 Firmware, Elitebook Folio G1 Firmware, Elitedesk 800 35w G2 Desktop Mini Pc Firmware, Elitedesk 800 65w G2 Desktop Mini Pc Firmware, Mp9 G2 Retail System Firmware, Probook 440 G3 Firmware, Probook 446 G3 Firmware, Probook 470 G3 Firmware, Probook 640 G2 Firmware, Probook 650 G2 Firmware, Rp9 G1 Retail System Firmware, Z2 Mini G3 Workstation Firmware, Z238 Microtower Workstation Firmware, Z240 Small Form Factor Workstation Firmware, Z240 Tower Workstation Firmware, Zbook 15 G3 Firmware, Zbook 15u G3 Firmware, Zbook 17 G3 Firmware, Zbook Studio G3 Firmware
Configuration A
| Vulnerable Software | Affected Versions |
|---|---|
| Before 00.02.64 |
| Running on/with | Platform Versions |
|---|---|
Hp Elite Slice | All versions |
Configuration B
| Vulnerable Software | Affected Versions |
|---|---|
| Before 00.02.64 |
| Running on/with | Platform Versions |
|---|---|
Hp Elite Slice For Meeting Rooms | All versions |
Configuration C
| Vulnerable Software | Affected Versions |
|---|---|
| Before 01.62 |
| Running on/with | Platform Versions |
|---|---|
Hp Elitebook 1040 G3 | All versions |
Configuration D
| Vulnerable Software | Affected Versions |
|---|---|
| Before 01.62 |
| Running on/with | Platform Versions |
|---|---|
Hp Elitebook 820 G3 | All versions |
Configuration E
| Vulnerable Software | Affected Versions |
|---|---|
| Before 01.62 |
| Running on/with | Platform Versions |
|---|---|
Hp Elitebook 828 G3 | All versions |
Configuration F
| Vulnerable Software | Affected Versions |
|---|---|
| Before 01.62 |
| Running on/with | Platform Versions |
|---|---|
Hp Elitebook 840 G3 | All versions |
Configuration G
| Vulnerable Software | Affected Versions |
|---|---|
| Before 01.62 |
| Running on/with | Platform Versions |
|---|---|
Hp Elitebook 848 G3 | All versions |
Configuration H
| Vulnerable Software | Affected Versions |
|---|---|
| Before 01.62 |
| Running on/with | Platform Versions |
|---|---|
Hp Elitebook 850 G3 | All versions |
Configuration I
| Vulnerable Software | Affected Versions |
|---|---|
| Before 01.62 |
| Running on/with | Platform Versions |
|---|---|
Hp Elitebook Folio G1 | All versions |
Configuration J
| Vulnerable Software | Affected Versions |
|---|---|
| Before 00.02.63 |
| Running on/with | Platform Versions |
|---|---|
Hp Elitedesk 800 35w G2 Desktop Mini Pc | All versions |
Configuration K
| Vulnerable Software | Affected Versions |
|---|---|
| Before 00.02.63 |
| Running on/with | Platform Versions |
|---|---|
Hp Elitedesk 800 65w G2 Desktop Mini Pc | All versions |
Configuration L
| Vulnerable Software | Affected Versions |
|---|---|
| Before 02.63 |
| Running on/with | Platform Versions |
|---|---|
Hp Mp9 G2 Retail System | All versions |
Configuration M
| Vulnerable Software | Affected Versions |
|---|---|
| Before 1.62 |
| Running on/with | Platform Versions |
|---|---|
Hp Probook 440 G3 | All versions |
Configuration N
| Vulnerable Software | Affected Versions |
|---|---|
| Before 1.62 |
| Running on/with | Platform Versions |
|---|---|
Hp Probook 446 G3 | All versions |
Configuration O
| Vulnerable Software | Affected Versions |
|---|---|
| Before 1.62 |
| Running on/with | Platform Versions |
|---|---|
Hp Probook 470 G3 | All versions |
Configuration P
| Vulnerable Software | Affected Versions |
|---|---|
| Before 1.62 |
| Running on/with | Platform Versions |
|---|---|
Hp Probook 640 G2 | All versions |
Configuration Q
| Vulnerable Software | Affected Versions |
|---|---|
| Before 1.62 |
| Running on/with | Platform Versions |
|---|---|
Hp Probook 650 G2 | All versions |
Configuration R
| Vulnerable Software | Affected Versions |
|---|---|
| Before 02.64 |
| Running on/with | Platform Versions |
|---|---|
Hp Rp9 G1 Retail System | All versions |
Configuration S
| Vulnerable Software | Affected Versions |
|---|---|
| Before 01.91 |
| Running on/with | Platform Versions |
|---|---|
Hp Z2 Mini G3 Workstation | All versions |
Configuration T
| Vulnerable Software | Affected Versions |
|---|---|
| Before 01.91 |
| Running on/with | Platform Versions |
|---|---|
Hp Z238 Microtower Workstation | All versions |
Configuration U
| Vulnerable Software | Affected Versions |
|---|---|
| Before 01.91 |
| Running on/with | Platform Versions |
|---|---|
Hp Z240 Small Form Factor Workstation | All versions |
Configuration V
| Vulnerable Software | Affected Versions |
|---|---|
| Before 01.91 |
| Running on/with | Platform Versions |
|---|---|
Hp Z240 Tower Workstation | All versions |
Configuration W
| Vulnerable Software | Affected Versions |
|---|---|
| Before 1.62 |
| Running on/with | Platform Versions |
|---|---|
Hp Zbook 15 G3 | All versions |
Configuration X
| Vulnerable Software | Affected Versions |
|---|---|
| Before 1.62 |
| Running on/with | Platform Versions |
|---|---|
Hp Zbook 15u G3 | All versions |
Configuration Y
| Vulnerable Software | Affected Versions |
|---|---|
| Before 1.62 |
| Running on/with | Platform Versions |
|---|---|
Hp Zbook 17 G3 | All versions |
Configuration Z
| Vulnerable Software | Affected Versions |
|---|---|
| Before 1.62 |
| Running on/with | Platform Versions |
|---|---|
Hp Zbook Studio G3 | All versions |
References (2)
Source: hp-security-alert@hp.com
Vendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
Timeline
No history available yet.