Login Sign Up

CVE-2022-43779

7.0 HIGH

📋 TL;DR

A Time-of-Check to Time-of-Use (TOCTOU) vulnerability in AMI UEFI Firmware used in certain HP PC products could allow attackers to execute arbitrary code, cause denial of service, or disclose sensitive information. This affects HP PC products with vulnerable AMI UEFI Firmware versions. Attackers with local access could potentially exploit this to gain elevated privileges.

💻 Affected Systems

Products:
  • HP PC products with AMI UEFI Firmware
Versions: Specific versions not publicly detailed in advisory
Operating Systems: All operating systems running on affected hardware
Default Config Vulnerable: ⚠️ Yes
Notes: Requires local access to system; specific HP models not enumerated in public advisory

📦 What is this software?

218 Pro G5 Mt Firmware by Hp

View all CVEs affecting 218 Pro G5 Mt Firmware →

260 G2 Desktop Mini Firmware by Hp

View all CVEs affecting 260 G2 Desktop Mini Firmware →

260 G3 Desktop Mini Firmware by Hp

View all CVEs affecting 260 G3 Desktop Mini Firmware →

260 G4 Desktop Mini Firmware by Hp

View all CVEs affecting 260 G4 Desktop Mini Firmware →

280 G3 Microtower Pc Firmware by Hp

View all CVEs affecting 280 G3 Microtower Pc Firmware →

280 G3 Pci Microtower Pc Firmware by Hp

View all CVEs affecting 280 G3 Pci Microtower Pc Firmware →

288 Pro G3 Microtower Pc Firmware by Hp

View all CVEs affecting 288 Pro G3 Microtower Pc Firmware →

290 G1 Microtower Firmware by Hp

View all CVEs affecting 290 G1 Microtower Firmware →

348 G4 Firmware by Hp

View all CVEs affecting 348 G4 Firmware →

Desktop Pro 300 G3 Firmware by Hp

View all CVEs affecting Desktop Pro 300 G3 Firmware →

Desktop Pro A 300 G3 Firmware by Hp

View all CVEs affecting Desktop Pro A 300 G3 Firmware →

Desktop Pro A G2 Firmware by Hp

View all CVEs affecting Desktop Pro A G2 Firmware →

Desktop Pro A G2 Microtower Firmware by Hp

View all CVEs affecting Desktop Pro A G2 Microtower Firmware →

Desktop Pro A G3 Firmware by Hp

View all CVEs affecting Desktop Pro A G3 Firmware →

Desktop Pro A G3 Microtower Firmware by Hp

View all CVEs affecting Desktop Pro A G3 Microtower Firmware →

Desktop Pro G3 Firmware by Hp

View all CVEs affecting Desktop Pro G3 Firmware →

Desktop Pro G3 Microtower Firmware by Hp

View all CVEs affecting Desktop Pro G3 Microtower Firmware →

Desktop Pro Microtower Firmware by Hp

View all CVEs affecting Desktop Pro Microtower Firmware →

Rp2 Retail System 2000 Firmware by Hp

View all CVEs affecting Rp2 Retail System 2000 Firmware →

Rp2 Retail System 2020 Firmware by Hp

View all CVEs affecting Rp2 Retail System 2020 Firmware →

Rp2 Retail System 2030 Firmware by Hp

View all CVEs affecting Rp2 Retail System 2030 Firmware →

Zhan 66 Pro A G1 Microtower Firmware by Hp

View all CVEs affecting Zhan 66 Pro A G1 Microtower Firmware →

Zhan 66 Pro A G1 R Microtower Firmware by Hp

View all CVEs affecting Zhan 66 Pro A G1 R Microtower Firmware →

Zhan 66 Pro G1 R Microtower Firmware by Hp

View all CVEs affecting Zhan 66 Pro G1 R Microtower Firmware →

Zhan 86 Pro G1 Microtower Firmware by Hp

View all CVEs affecting Zhan 86 Pro G1 Microtower Firmware →

⚠️ Risk & Real-World Impact

🔴

Worst Case

Attacker gains persistent firmware-level access, enabling arbitrary code execution, complete system compromise, and potential hardware bricking.

🟠

Likely Case

Local attacker gains elevated privileges, executes arbitrary code at firmware level, leading to system compromise and data theft.

🟢

If Mitigated

With proper access controls and patching, risk is limited to authorized users with physical access attempting privilege escalation.

🌐 Internet-Facing: LOW
🏢 Internal Only: MEDIUM

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ✅ No
Complexity: HIGH

Exploitation requires local access and detailed knowledge of UEFI firmware internals

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: AMI UEFI Firmware updates via HP BIOS updates

Vendor Advisory: https://support.hp.com/us-en/document/ish_7394557-7394585-16/hpsbhf03829

Restart Required: Yes

Instructions:

1. Visit HP Support website. 2. Enter your HP product number. 3. Download latest BIOS/UEFI firmware update. 4. Run update utility. 5. Restart system as prompted.

🔧 Temporary Workarounds

Restrict Physical Access

all

Limit physical access to vulnerable systems to authorized personnel only

Enable Secure Boot

all

Enable Secure Boot in UEFI settings to prevent unauthorized firmware modifications

🧯 If You Can't Patch

  • Implement strict physical security controls and access monitoring
  • Isolate vulnerable systems from sensitive networks and data

🔍 How to Verify

Check if Vulnerable:

Check HP support site with your product number to see if BIOS update is available for CVE-2022-43779

Check Version:

wmic bios get smbiosbiosversion (Windows) or dmidecode -s bios-version (Linux)

Verify Fix Applied:

Verify BIOS/UEFI firmware version matches or exceeds version listed in HP security bulletin

📡 Detection & Monitoring

Log Indicators:

  • Unexpected BIOS/UEFI firmware modification attempts
  • Failed firmware update attempts

SIEM Query:

EventID=12 OR EventID=13 (Windows System logs for firmware changes)

📊 Metadata

CVE ID: CVE-2022-43779
CVSS v3 Score: 7.0 (HIGH)
CVSS Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
CWE: CWE-367
Published: February 12, 2023
Last Updated: March 25, 2025

🔗 References

📤 Share & Export

📄 Export Markdown 📋 Export JSON

🔗 Related Vulnerabilities

If you're affected by CVE-2022-43779, you might also want to check these:

CVE-2026-25641 10.0

CVE-2026-25641 is a sandbox escape vulnerability in SandboxJS library versions before 0.8.29. Attack...

Same vulnerability type (CWE-367)
CVE-2025-64180 10.0

A critical TOCTOU vulnerability in Manager accounting software allows attackers to bypass DNS valida...

Same vulnerability type (CWE-367)
CVE-2025-13032 9.9

A double fetch vulnerability in the sandbox kernel driver of Avast/AVG Antivirus on Windows allows l...

Same vulnerability type (CWE-367)