Описание
A potential Time-of-Check to Time-of Use (TOCTOU) vulnerability has been identified in the HP BIOS for certain HP PC products, which might allow arbitrary code execution, denial of service, and information disclosure. HP is releasing BIOS updates to mitigate the potential vulnerability.
Затрагиваемое ПО
Hp Elitebook 745 g4 firmwareHp Elitebook 745 g4Hp Elitebook 745 g5 firmwareHp Elitebook 745 g5Hp Elitebook 745 g6 firmwareHp Elitebook 745 g6Hp Elitebook 755 g4 firmwareHp Elitebook 755 g4Hp Elitebook 755 g5 firmwareHp Elitebook 755 g5Hp Elitebook 820 g3 firmwareHp Elitebook 820 g3Hp Elitebook 820 g4 firmwareHp Elitebook 820 g4Hp Elitebook 828 g3 firmwareHp Elitebook 828 g3Hp Elitebook 828 g4 firmwareHp Elitebook 828 g4Hp Elitebook 830 13.3 inch g9 notebook pc firmwareHp Elitebook 830 13.3 inch g9 notebook pcHp Elitebook 830 g5 firmwareHp Elitebook 830 g5Hp Elitebook 830 g6 firmwareHp Elitebook 830 g6Hp Elitebook 830 g7 firmware
CVSS
| Балл | 7.8 — высокая |
| Вектор | CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H |
Источники
https://support.hp.com/us-en/document/ish_10810714-10810745-16/hpsbhf03948https://support.hp.com/us-en/document/ish_10810714-10810745-16/hpsbhf03948