CVE-2022-23926

8.2 HIGH

📋 TL;DR

This CVE describes BIOS vulnerabilities in certain HP PC products that could allow attackers to execute arbitrary code with high privileges, potentially leading to complete system compromise. Affected systems include specific HP laptop and desktop models running vulnerable BIOS firmware versions. Attackers could exploit these vulnerabilities to bypass security controls and gain persistent access.

💻 Affected Systems

Products:
  • HP EliteBook 645 G9 Notebook PC
  • HP EliteBook 655 G9 Notebook PC
  • HP EliteBook 845 G9 Notebook PC
  • HP EliteBook 865 G9 Notebook PC
  • HP ProBook 440 G9 Notebook PC
  • HP ProBook 450 G9 Notebook PC
  • HP ProBook 445 G9 Notebook PC
  • HP ProBook 455 G9 Notebook PC
  • HP ProBook 640 G9 Notebook PC
  • HP ProBook 650 G9 Notebook PC
  • HP Z2 Tower G9 Workstation
  • HP Z2 Small Form Factor G9 Workstation
Versions: BIOS versions prior to 01.07.03 Rev.A
Operating Systems: Windows, Linux
Default Config Vulnerable: ⚠️ Yes
Notes: Vulnerability exists at BIOS/UEFI firmware level, affecting all operating systems running on affected hardware.

⚠️ Risk & Real-World Impact

🔴 Worst Case

Complete system takeover with persistent BIOS-level malware that survives OS reinstallation, enabling data theft, ransomware deployment, and creation of a persistent backdoor.

🟠 Likely Case

Local privilege escalation allowing attackers to bypass security controls, install malware, or access sensitive system information.

🟢 If Mitigated

Limited impact if systems are physically secured, Secure Boot is enabled, and a BIOS administrator password is configured.

🌐 Internet-Facing: LOW
🏢 Internal Only: HIGH

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ✅ No
Complexity: HIGH

Exploitation typically requires local access or administrative privileges. No public exploit was known at the time this summary was written.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: BIOS version 01.07.03 Rev.A or later

Vendor Advisory: https://support.hp.com/us-en/document/ish_5817864-5817896-16

Restart Required: Yes

Instructions:

1. Download the BIOS update from the HP Support site.
2. Run the BIOS update executable with administrative privileges.
3. Follow the on-screen instructions.
4. The system will restart automatically to complete the installation.

🔧 Temporary Workarounds

Enable Secure Boot (applies to: all)

Enable Secure Boot in BIOS settings to prevent unauthorized code execution during the boot process.

Set BIOS Administrator Password (applies to: all)

Configure a strong BIOS administrator password to prevent unauthorized BIOS modifications.

🧯 If You Can't Patch

  • Restrict physical access to affected systems
  • Implement strict access controls and monitor for suspicious BIOS modification attempts

🔍 How to Verify

Check if Vulnerable:

Check the BIOS version in system information (Windows: msinfo32, Linux: dmidecode -s bios-version) and compare it against the fixed version 01.07.03 Rev.A; anything older on an affected model is vulnerable.

Check Version:

Windows: wmic bios get smbiosbiosversion
Linux: sudo dmidecode -s bios-version

Verify Fix Applied:

Verify that the BIOS version is 01.07.03 Rev.A or later using the BIOS setup screen or the OS commands above.
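The Linux verification steps above, as an added example script (not HP's tooling): it reads the SMBIOS product name and BIOS version through dmidecode, checks the model against the affected list on this page, and compares the version against the fixed 01.07.03 Rev.A. It assumes HP product names match the advisory strings exactly and that versions are reported as "MM.mm.pp Rev.X".

```python
"""Added example, not HP's tooling: decide whether a Linux host is in scope for
CVE-2022-23926 from its SMBIOS product name and BIOS version (dmidecode fields)."""
import re
import subprocess
from typing import Optional, Tuple

# Values copied from the advisory summary on this page.
FIXED_VERSION = "01.07.03 Rev.A"
AFFECTED_PRODUCTS = {
    "HP EliteBook 645 G9 Notebook PC", "HP EliteBook 655 G9 Notebook PC",
    "HP EliteBook 845 G9 Notebook PC", "HP EliteBook 865 G9 Notebook PC",
    "HP ProBook 440 G9 Notebook PC", "HP ProBook 450 G9 Notebook PC",
    "HP ProBook 445 G9 Notebook PC", "HP ProBook 455 G9 Notebook PC",
    "HP ProBook 640 G9 Notebook PC", "HP ProBook 650 G9 Notebook PC",
    "HP Z2 Tower G9 Workstation", "HP Z2 Small Form Factor G9 Workstation",
}
# Assumption: HP reports BIOS versions as "MM.mm.pp" optionally followed by " Rev.X".
_VERSION_RE = re.compile(r"(\d+)\.(\d+)\.(\d+)")

def parse_bios_version(text: str) -> Optional[Tuple[int, int, int]]:
    """Numeric (major, minor, patch) from a BIOS version string, or None if unparsable."""
    m = _VERSION_RE.search(text)
    return (int(m.group(1)), int(m.group(2)), int(m.group(3))) if m else None

def is_vulnerable_version(reported: str, fixed: str = FIXED_VERSION) -> Optional[bool]:
    """True if older than the fix, False if fixed or later, None if it could not be parsed."""
    have, want = parse_bios_version(reported), parse_bios_version(fixed)
    if have is None or want is None:
        return None
    return have < want

def assess(product: str, bios_version: str) -> str:
    """Combine model scope and version comparison into one verdict string."""
    if product.strip() not in AFFECTED_PRODUCTS:
        return "not in advisory scope"
    state = is_vulnerable_version(bios_version)
    if state is None:
        return "unparsed version, review manually"
    return "VULNERABLE: update BIOS" if state else "fixed"

def dmidecode(field: str) -> str:
    """Read one SMBIOS string via dmidecode (Linux, needs root)."""
    return subprocess.run(["dmidecode", "-s", field], capture_output=True,
                          text=True, check=True).stdout.strip()

if __name__ == "__main__":
    product, version = dmidecode("system-product-name"), dmidecode("bios-version")
    print(f"{product} / BIOS {version}: {assess(product, version)}")
```

A host that is not on the affected-model list is reported as out of scope regardless of version, and an unparsable version string is flagged for manual review rather than silently treated as fixed.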

📡 Detection & Monitoring

Log Indicators:

  • BIOS/UEFI firmware modification events
  • Unauthorized access attempts to BIOS settings

Network Indicators:

  • Unusual outbound connections from system management interfaces

SIEM Query:

EventID=12 OR EventID=13 (Windows System events for boot configuration changes)
