CVE-2022-23928
📋 TL;DR
This CVE describes BIOS vulnerabilities in certain HP PC products that could allow attackers to execute arbitrary code with high privileges, potentially leading to complete system compromise. The vulnerabilities affect HP consumer and business PCs with specific BIOS versions. Successful exploitation requires local access to the system.
💻 Affected Systems
- HP consumer and business PC products
⚠️ Risk & Real-World Impact
Worst Case
Complete system takeover with persistent BIOS-level malware that survives OS reinstallation, enabling data theft, ransomware deployment, or system destruction.
Likely Case
Local privilege escalation allowing attackers to bypass security controls, install persistent malware, or access sensitive system information.
If Mitigated
Limited impact with proper physical security controls, BIOS password protection, and secure boot enabled.
🎯 Exploit Status
Requires local system access and BIOS-level exploitation knowledge. No public exploits available as of knowledge cutoff.
🛠️ Fix & Mitigation
✅ Official Fix
Patch Version: BIOS updates specified in HP security advisory
Vendor Advisory: https://support.hp.com/us-en/document/ish_5817864-5817896-16
Restart Required: Yes
Instructions:
1. Identify affected HP model and current BIOS version.
2. Download appropriate BIOS update from HP Support.
3. Run BIOS update utility with administrative privileges.
4. Restart system as prompted.
5. Verify BIOS version updated successfully.
🔧 Temporary Workarounds
Enable BIOS password
All platforms: Set BIOS administrator password to prevent unauthorized BIOS modifications
Enable Secure Boot
All platforms: Enable Secure Boot in BIOS to prevent unauthorized code execution during boot process
🧯 If You Can't Patch
- Implement strict physical security controls to prevent unauthorized local access
- Deploy endpoint detection and response (EDR) solutions to detect BIOS-level tampering attempts
🔍 How to Verify
Check if Vulnerable:
Check BIOS version in system information (F10 during boot or Windows System Information) and compare against HP advisory list
Check Version:
Windows: wmic bios get smbiosbiosversion
Linux: sudo dmidecode -s bios-version
Verify Fix Applied:
Verify BIOS version after update matches patched version in HP advisory
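The version comparison described above, as an added example (not HP tooling and not part of the original page). It assumes the BIOS reports a string of the form "<family> Ver. <dotted digits>"; the ADVISORY_MIN table and the family names X00/Y11 are constructed placeholders to be replaced with the values from the HP advisory.

```shell
#!/bin/sh
# Added example. ADVISORY_MIN is CONSTRUCTED placeholder data (made-up
# families X00/Y11); replace it with the versions from the HP advisory.
ADVISORY_MIN='X00 01.10.00
Y11 02.04.01'

# ver_lt A B: succeed when dotted numeric version A is lower than B.
ver_lt() {
    a=$1 b=$2
    while [ -n "$a" ] || [ -n "$b" ]; do
        x=${a%%.*} y=${b%%.*}
        case $a in *.*) a=${a#*.} ;; *) a= ;; esac
        case $b in *.*) b=${b#*.} ;; *) b= ;; esac
        # test(1) compares as decimal, so "08" is not taken as octal
        [ "${x:-0}" -lt "${y:-0}" ] && return 0
        [ "${x:-0}" -gt "${y:-0}" ] && return 1
    done
    return 1    # versions are equal
}

# bios_status "<BIOS version string>": prints VULNERABLE, PATCHED or UNKNOWN.
# Assumed string format: "<family> Ver. <dotted digits>".
bios_status() {
    case $1 in
        *" Ver. "*)
            family=${1%%" Ver. "*}
            ver=${1##*" Ver. "} ;;
        *) echo UNKNOWN; return 2 ;;
    esac
    case $ver in
        '' | *[!0-9.]*) echo UNKNOWN; return 2 ;;   # unparsable: do not guess
    esac
    while read -r fam min; do
        [ "$fam" = "$family" ] || continue
        if ver_lt "$ver" "$min"; then echo VULNERABLE; return 1; fi
        echo PATCHED; return 0
    done <<EOF
$ADVISORY_MIN
EOF
    echo UNKNOWN; return 2   # family not in table: check the advisory by hand
}

# Usage: sh check_bios.sh "$(sudo dmidecode -s bios-version)"
if [ $# -gt 0 ]; then bios_status "$1"; fi
```

An UNKNOWN result means the string did not match the assumed format or the family is not in the table, so it should be treated as "not yet verified" rather than as safe.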
📡 Detection & Monitoring
Log Indicators:
- BIOS modification events in system logs
- Unexpected BIOS update attempts
- Failed BIOS password attempts
Network Indicators:
- BIOS update downloads from unusual sources
SIEM Query:
EventID=12 OR EventID=13 (System events) with BIOS-related descriptions