CVE-2023-32673

9.8 CRITICAL

📋 TL;DR

This vulnerability allows local attackers to escalate privileges on affected HP systems. It affects users of HP PC Hardware Diagnostics Windows, HP Image Assistant, and HP Thunderbolt Dock G2 Firmware. Attackers could gain SYSTEM-level access by exploiting this flaw.

💻 Affected Systems

Products:
  • HP PC Hardware Diagnostics Windows
  • HP Image Assistant
  • HP Thunderbolt Dock G2 Firmware
Versions: Specific vulnerable versions not detailed in advisory; check HP documentation for affected versions
Operating Systems: Windows
Default Config Vulnerable: ⚠️ Yes
Notes: Affects systems with these HP utilities installed. The vulnerability exists in the software components themselves.

⚠️ Risk & Real-World Impact

🔴 Worst Case: Full system compromise with SYSTEM privileges, allowing installation of malware, data theft, and complete control over the affected system.

🟠 Likely Case: Local privilege escalation enabling attackers to bypass security controls, install persistent backdoors, or access sensitive system resources.

🟢 If Mitigated: Limited impact if systems are properly segmented, have strict access controls, and users operate with minimal privileges.

🌐 Internet-Facing: LOW - This is a local privilege escalation vulnerability requiring local access to exploit.
🏢 Internal Only: HIGH - Internal attackers or compromised user accounts could exploit this to gain elevated privileges on affected systems.

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ✅ No
Complexity: LOW

Requires local access to the system. No public exploit code has been released as of the advisory date.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Update to latest versions as specified in HP advisory

Vendor Advisory: https://support.hp.com/us-en/document/ish_8128401-8128440-16/hspbhf03848

Restart Required: Yes

Instructions:

  1. Visit HP Support website.
  2. Download latest versions of affected software.
  3. Install updates.
  4. Restart system to complete installation.

🔧 Temporary Workarounds

Remove affected software (Windows)

Uninstall vulnerable HP utilities if not required for operations:

Control Panel > Programs > Uninstall a program > Select affected HP software > Uninstall

Restrict local access (all platforms)

Implement strict access controls to limit who can log into affected systems.

🧯 If You Can't Patch

  • Implement principle of least privilege - ensure users operate with minimal necessary permissions
  • Segment networks to limit lateral movement from compromised systems

🔍 How to Verify

Check if Vulnerable:

Check installed HP software versions against HP advisory. Use: Control Panel > Programs > Programs and Features to view installed versions.

Check Version:

wmic product get name,version | findstr /i "HP"

Verify Fix Applied:

Verify updated versions are installed via Control Panel > Programs > Programs and Features. Confirm version numbers match patched versions from HP advisory.
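For checking many machines, the following added example (not from the HP advisory or this page's source) reads the Uninstall registry keys instead of calling wmic product, which queries Win32_Product and triggers a Windows Installer consistency check on every installed package. It assumes the utilities' DisplayName values contain the product names listed above, covers only the two Windows utilities and not the dock firmware, and leaves the fixed versions as placeholders because this page does not state them.

```powershell
# Added example: read-only inventory of the HP utilities named on this page.
# Assumption: the DisplayName of each utility contains the product name below.
$products = @(
    'HP PC Hardware Diagnostics Windows',
    'HP Image Assistant'
)

# Placeholder table: fill in the minimum fixed version per product from the
# HP advisory. This page does not list them, so none are supplied here.
$fixedVersion = @{
    # 'HP Image Assistant' = '<FIXED_VERSION_FROM_HP_ADVISORY>'
}

# Machine-wide (64-bit and 32-bit views) and per-user uninstall entries.
$uninstallKeys = @(
    'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\*',
    'HKLM:\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\*',
    'HKCU:\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\*'
)

$found = Get-ItemProperty -Path $uninstallKeys -ErrorAction SilentlyContinue |
    Where-Object { $_.DisplayName } |
    ForEach-Object {
        $entry = $_
        foreach ($name in $products) {
            if ($entry.DisplayName -like "*$name*") {
                # Without a known fixed version the result is left for manual review.
                $status = 'Compare with HP advisory'
                $installed = $null
                if ($fixedVersion.ContainsKey($name) -and
                    [version]::TryParse($entry.DisplayVersion, [ref]$installed)) {
                    $status = if ($installed -ge [version]$fixedVersion[$name]) { 'Patched' } else { 'VULNERABLE' }
                }
                [pscustomobject]@{
                    Host    = $env:COMPUTERNAME
                    Product = $entry.DisplayName
                    Version = $entry.DisplayVersion
                    Status  = $status
                }
            }
        }
    }

if ($found) { $found | Sort-Object Product | Format-Table -AutoSize }
else { Write-Output 'None of the listed HP utilities were found in the Uninstall registry keys.' }
```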

📡 Detection & Monitoring

Log Indicators:

  • Unexpected privilege escalation events
  • Suspicious process creation with SYSTEM privileges
  • Unusual access to protected system resources

Network Indicators:

  • Not applicable - local vulnerability

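SIEM Query:

EventID=4688 AND SubjectUserName!=SYSTEM AND TokenElevationType=%%1937

In event 4688, %%1937 marks a process created with an elevated (Type 2) token; %%1938 is the limited (Type 3) token carried by ordinary UAC-filtered processes.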
