Lucene search
HistoryJun 28, 2024 - 7:15 p.m.
CVE-2022-27540
time of check
time of use
hp bios
arbitrary code execution
denial of service
information disclosure
bios update
CVSS3
7.8
Attack Vector
LOCAL
Attack Complexity
HIGH
Privileges Required
LOW
User Interaction
NONE
Scope
CHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H
EPSS
0
Percentile
9.1%
A potential Time-of-Check to Time-of Use (TOCTOU) vulnerability has been identified in the HP BIOS for certain HP PC products, which might allow arbitrary code execution, denial of service, and information disclosure. HP is releasing BIOS updates to mitigate the potential vulnerability.
Related
cvelist
cvelist
CVE-2022-27540
2024-06-28 19:00:28
cve
cve
CVE-2022-27540
2024-06-28 19:15:03
hp
hp
HP PC BIOS Additional Security Update for TOCTOU
2024-06-25 00:00:00
vulnrichment
vulnrichment
CVE-2022-27540
2024-06-28 19:00:28
CVSS3
7.8
Attack Vector
LOCAL
Attack Complexity
HIGH
Privileges Required
LOW
User Interaction
NONE
Scope
CHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H
EPSS
0
Percentile
9.1%
Related for NVD:CVE-2022-27540