CVE-2022-23924

8.2 HIGH

📋 TL;DR

This CVE describes vulnerabilities in the system BIOS of certain HP PC products that could allow an attacker to execute arbitrary code, escalate privileges, cause a denial of service, or disclose sensitive information. The vulnerabilities are reachable only by an attacker with physical or local access to an HP computer running a vulnerable BIOS version.

💻 Affected Systems

Products:
  • HP PC products with vulnerable BIOS
Versions: Specific vulnerable BIOS versions listed in HP advisory
Operating Systems: All operating systems running on affected hardware
Default Config Vulnerable: ⚠️ Yes
Notes: Check HP advisory for specific affected product models and BIOS versions. Vulnerability exists at firmware level, affecting all OS installations.

📦 What is this software?

⚠️ Risk & Real-World Impact

🔴

Worst Case

An attacker with physical access could gain complete control of the system, bypassing all security controls, installing persistent malware in firmware, and accessing all data on the device.

🟠

Likely Case

Malicious insiders or attackers with brief physical access could install backdoors, steal credentials, or disable security controls on vulnerable HP systems.

🟢

If Mitigated

With proper physical security controls and BIOS password protection, the risk is significantly reduced to authorized personnel only.

🌐 Internet-Facing: LOW - These vulnerabilities require physical or local access to exploit, not remote network access.
🏢 Internal Only: HIGH - Internal attackers with physical access to vulnerable HP systems could exploit these vulnerabilities to gain complete control.

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ✅ No
Complexity: MEDIUM

Exploitation requires physical access or local administrative privileges. No public exploit code has been disclosed as of current knowledge.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: BIOS updates provided by HP

Vendor Advisory: https://support.hp.com/us-en/document/ish_5817864-5817896-16

Restart Required: Yes

Instructions:

1. Identify your HP PC model and current BIOS version.
2. Visit the HP support website.
3. Download the appropriate BIOS update for your model.
4. Run the BIOS update utility.
5. Restart the system as prompted.

🔧 Temporary Workarounds

Enable BIOS Password

all

Set a strong BIOS administrator password to prevent unauthorized BIOS modifications.

Enter BIOS setup during boot (typically F10 on HP systems) and set the administrator password.

Physical Security Controls

all

Implement physical security measures to prevent unauthorized access to the devices.

🧯 If You Can't Patch

  • Implement strict physical security controls and access monitoring for vulnerable systems
  • Enable BIOS password protection and disable unnecessary BIOS features

🔍 How to Verify

Check if Vulnerable:

Check the BIOS version in system information (Windows: msinfo32; Linux: dmidecode -s bios-version) and compare it with the versions listed in the HP advisory.

Check Version:

Windows: wmic bios get smbiosbiosversion
Linux: sudo dmidecode -s bios-version

Verify Fix Applied:

After the update, verify that the BIOS version matches or exceeds the patched version listed for your model in the HP advisory.
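The version check described above, written out as an added example (not HP's tooling or the advisory's own content): it reads the SMBIOS BIOS version the same way msinfo32/wmic and dmidecode do, then compares it with the fixed version you must take from the HP advisory for your exact model. PATCHED_VERSION_FROM_ADVISORY is a constructed placeholder, not a real HP value, and the comparison handles mixed letter/number strings such as F.40 or 01.12.00 Rev.A.

```python
import platform
import re
import subprocess
from pathlib import Path

# Constructed placeholder: replace with the fixed BIOS version the HP advisory lists for your model.
PATCHED_VERSION_FROM_ADVISORY = "F.99"

_TOKEN = re.compile(r"\d+|[A-Za-z]+")


def version_key(version: str):
    """Split a BIOS version string into comparable tokens.

    Digit runs compare numerically and letter runs case-insensitively, so
    'F.9' < 'F.40' and '01.12.00' < '01.12.10' (plain string comparison gets both wrong).
    """
    return [(0, int(tok)) if tok.isdigit() else (1, tok.upper())
            for tok in _TOKEN.findall(version)]


def bios_is_fixed(current: str, patched: str = PATCHED_VERSION_FROM_ADVISORY) -> bool:
    """True when the running BIOS version is at or above the advisory's fixed version."""
    return version_key(current) >= version_key(patched)


def running_bios_version() -> str:
    """Return this machine's SMBIOS BIOS version (the value msinfo32/wmic and dmidecode report)."""
    if platform.system() == "Windows":
        out = subprocess.run(["wmic", "bios", "get", "smbiosbiosversion"],
                             capture_output=True, text=True, check=True).stdout
        lines = [line.strip() for line in out.splitlines() if line.strip()]
        return lines[1] if len(lines) > 1 else ""  # first line is the column header
    sysfs = Path("/sys/class/dmi/id/bios_version")  # readable without root on most Linux distros
    if sysfs.exists():
        return sysfs.read_text().strip()
    out = subprocess.run(["dmidecode", "-s", "bios-version"],  # needs root
                         capture_output=True, text=True, check=True).stdout
    return out.strip()


def main() -> int:
    current = running_bios_version()
    if not current:
        print("could not read the BIOS version")
        return 2
    if bios_is_fixed(current):
        print(f"BIOS {current} >= {PATCHED_VERSION_FROM_ADVISORY}: fix applied")
        return 0
    print(f"BIOS {current} < {PATCHED_VERSION_FROM_ADVISORY}: CVE-2022-23924 not addressed")
    return 1


if __name__ == "__main__":
    raise SystemExit(main())
```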

📡 Detection & Monitoring

Log Indicators:

  • Unexpected BIOS modification events
  • Failed BIOS update attempts
  • System boot from unauthorized media

Network Indicators:

  • Not applicable - local exploitation only

SIEM Query:

Event ID 6008 (Unexpected shutdown) followed by BIOS-related events or unauthorized boot media detection

🔗 References
