CVE-2023-26299
Severity Score
7.0
*CVSS v3.1
Exploit Likelihood
*EPSS
Affected Versions
*CPE
Public Exploits
0
*Multiple Sources
Exploited in Wild
-
*KEV
Decision
-
*SSVC
Descriptions
A potential Time-of-Check to Time-of-Use (TOCTOU) vulnerability has been identified in certain HP PC products using AMI UEFI Firmware (system BIOS), which might allow arbitrary code execution. AMI has released updates to mitigate the potential vulnerability.
*Credits:
N/A
CVSS Scores
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability
* Common Vulnerability Scoring System
SSVC
- Decision:-
Exploitation
Automatable
Tech. Impact
* Organization's Worst-case Scenario
Timeline
- 2023-02-21 CVE Reserved
- 2023-06-30 CVE Published
- 2023-07-01 EPSS Updated
- 2024-08-02 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-367: Time-of-check Time-of-use (TOCTOU) Race Condition
CAPEC
References (1)
| URL | Tag | Source |
|---|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|---|---|
| https://support.hp.com/us-en/document/ish_8642715-8642746-16/hpsbhf03850 | 2023-07-10 |
| URL | Date | SRC |
|---|
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Hp Search vendor "Hp" | 260 G4 Desktop Mini Firmware Search vendor "Hp" for product "260 G4 Desktop Mini Firmware" | < 2.14 Search vendor "Hp" for product "260 G4 Desktop Mini Firmware" and version " < 2.14" | - |
Affected
| in | Hp Search vendor "Hp" | 260 G4 Desktop Mini Search vendor "Hp" for product "260 G4 Desktop Mini" | - | - |
Safe
|
| Hp Search vendor "Hp" | T430 Firmware Search vendor "Hp" for product "T430 Firmware" | < 00.01.11 Search vendor "Hp" for product "T430 Firmware" and version " < 00.01.11" | - |
Affected
| in | Hp Search vendor "Hp" | T430 Search vendor "Hp" for product "T430" | - | - |
Safe
|
| Hp Search vendor "Hp" | T628 Firmware Search vendor "Hp" for product "T628 Firmware" | < 00.01.10 Search vendor "Hp" for product "T628 Firmware" and version " < 00.01.10" | - |
Affected
| in | Hp Search vendor "Hp" | T628 Search vendor "Hp" for product "T628" | - | - |
Safe
|
| Hp Search vendor "Hp" | 240 G10 Firmware Search vendor "Hp" for product "240 G10 Firmware" | < f.04 Search vendor "Hp" for product "240 G10 Firmware" and version " < f.04" | - |
Affected
| in | Hp Search vendor "Hp" | 240 G10 Search vendor "Hp" for product "240 G10" | - | - |
Safe
|
| Hp Search vendor "Hp" | 245 G6 Firmware Search vendor "Hp" for product "245 G6 Firmware" | < f.35 Search vendor "Hp" for product "245 G6 Firmware" and version " < f.35" | - |
Affected
| in | Hp Search vendor "Hp" | 245 G6 Search vendor "Hp" for product "245 G6" | - | - |
Safe
|
| Hp Search vendor "Hp" | 245 G7 Firmware Search vendor "Hp" for product "245 G7 Firmware" | < f.69 Search vendor "Hp" for product "245 G7 Firmware" and version " < f.69" | - |
Affected
| in | Hp Search vendor "Hp" | 245 G7 Search vendor "Hp" for product "245 G7" | - | - |
Safe
|
| Hp Search vendor "Hp" | 245 G8 Firmware Search vendor "Hp" for product "245 G8 Firmware" | < f.25 Search vendor "Hp" for product "245 G8 Firmware" and version " < f.25" | - |
Affected
| in | Hp Search vendor "Hp" | 245 G8 Search vendor "Hp" for product "245 G8" | - | - |
Safe
|
| Hp Search vendor "Hp" | 247 G8 Firmware Search vendor "Hp" for product "247 G8 Firmware" | < f.69 Search vendor "Hp" for product "247 G8 Firmware" and version " < f.69" | - |
Affected
| in | Hp Search vendor "Hp" | 247 G8 Search vendor "Hp" for product "247 G8" | - | - |
Safe
|
| Hp Search vendor "Hp" | 250 G10 Firmware Search vendor "Hp" for product "250 G10 Firmware" | < f.05 Search vendor "Hp" for product "250 G10 Firmware" and version " < f.05" | - |
Affected
| in | Hp Search vendor "Hp" | 250 G10 Search vendor "Hp" for product "250 G10" | - | - |
Safe
|
| Hp Search vendor "Hp" | 255 G10 Firmware Search vendor "Hp" for product "255 G10 Firmware" | < f.08 Search vendor "Hp" for product "255 G10 Firmware" and version " < f.08" | - |
Affected
| in | Hp Search vendor "Hp" | 255 G10 Search vendor "Hp" for product "255 G10" | - | - |
Safe
|
| Hp Search vendor "Hp" | 349 G7 Firmware Search vendor "Hp" for product "349 G7 Firmware" | < f.28 Search vendor "Hp" for product "349 G7 Firmware" and version " < f.28" | - |
Affected
| in | Hp Search vendor "Hp" | 349 G7 Search vendor "Hp" for product "349 G7" | - | - |
Safe
|
| Hp Search vendor "Hp" | 470 G10 Firmware Search vendor "Hp" for product "470 G10 Firmware" | < f.02 Search vendor "Hp" for product "470 G10 Firmware" and version " < f.02" | - |
Affected
| in | Hp Search vendor "Hp" | 470 G10 Search vendor "Hp" for product "470 G10" | - | - |
Safe
|
| Hp Search vendor "Hp" | 470 G9 Firmware Search vendor "Hp" for product "470 G9 Firmware" | < f.05 Search vendor "Hp" for product "470 G9 Firmware" and version " < f.05" | - |
Affected
| in | Hp Search vendor "Hp" | 470 G9 Search vendor "Hp" for product "470 G9" | - | - |
Safe
|
| Hp Search vendor "Hp" | Zhan 99 G2 Firmware Search vendor "Hp" for product "Zhan 99 G2 Firmware" | < f.24 Search vendor "Hp" for product "Zhan 99 G2 Firmware" and version " < f.24" | - |
Affected
| in | Hp Search vendor "Hp" | Zhan 99 G2 Search vendor "Hp" for product "Zhan 99 G2" | - | - |
Safe
|
| Hp Search vendor "Hp" | Zhan 99 G4 Firmware Search vendor "Hp" for product "Zhan 99 G4 Firmware" | < f.08 Search vendor "Hp" for product "Zhan 99 G4 Firmware" and version " < f.08" | - |
Affected
| in | Hp Search vendor "Hp" | Zhan 99 G4 Search vendor "Hp" for product "Zhan 99 G4" | - | - |
Safe
|
| Hp Search vendor "Hp" | Vr Backpack G2 Firmware Search vendor "Hp" for product "Vr Backpack G2 Firmware" | < f.28 Search vendor "Hp" for product "Vr Backpack G2 Firmware" and version " < f.28" | - |
Affected
| in | Hp Search vendor "Hp" | Vr Backpack G2 Search vendor "Hp" for product "Vr Backpack G2" | - | - |
Safe
|
| Hp Search vendor "Hp" | 200 G3 Firmware Search vendor "Hp" for product "200 G3 Firmware" | - | - |
Affected
| in | Hp Search vendor "Hp" | 200 G3 Search vendor "Hp" for product "200 G3" | - | - |
Safe
|
| Hp Search vendor "Hp" | 200 G4 22 All-in-one Firmware Search vendor "Hp" for product "200 G4 22 All-in-one Firmware" | - | - |
Affected
| in | Hp Search vendor "Hp" | 200 G4 22 All-in-one Search vendor "Hp" for product "200 G4 22 All-in-one" | - | - |
Safe
|
| Hp Search vendor "Hp" | 200 Pro G4 22 All-in-one Firmware Search vendor "Hp" for product "200 Pro G4 22 All-in-one Firmware" | - | - |
Affected
| in | Hp Search vendor "Hp" | 200 Pro G4 22 All-in-one Search vendor "Hp" for product "200 Pro G4 22 All-in-one" | - | - |
Safe
|
| Hp Search vendor "Hp" | 205 G4 22 All-in-one Firmware Search vendor "Hp" for product "205 G4 22 All-in-one Firmware" | - | - |
Affected
| in | Hp Search vendor "Hp" | 205 G4 22 All-in-one Search vendor "Hp" for product "205 G4 22 All-in-one" | - | - |
Safe
|
| Hp Search vendor "Hp" | 205 Pro G4 22 All-in-one Firmware Search vendor "Hp" for product "205 Pro G4 22 All-in-one Firmware" | - | - |
Affected
| in | Hp Search vendor "Hp" | 205 Pro G4 22 All-in-one Search vendor "Hp" for product "205 Pro G4 22 All-in-one" | - | - |
Safe
|
| Hp Search vendor "Hp" | 280 G3 Firmware Search vendor "Hp" for product "280 G3 Firmware" | - | - |
Affected
| in | Hp Search vendor "Hp" | 280 G3 Search vendor "Hp" for product "280 G3" | - | - |
Safe
|
| Hp Search vendor "Hp" | 280 G4 Firmware Search vendor "Hp" for product "280 G4 Firmware" | - | - |
Affected
| in | Hp Search vendor "Hp" | 280 G4 Search vendor "Hp" for product "280 G4" | - | - |
Safe
|
| Hp Search vendor "Hp" | 280 G4 Microtower Firmware Search vendor "Hp" for product "280 G4 Microtower Firmware" | - | - |
Affected
| in | Hp Search vendor "Hp" | 280 G4 Microtower Search vendor "Hp" for product "280 G4 Microtower" | - | - |
Safe
|
| Hp Search vendor "Hp" | 280 G5 Firmware Search vendor "Hp" for product "280 G5 Firmware" | - | - |
Affected
| in | Hp Search vendor "Hp" | 280 G5 Search vendor "Hp" for product "280 G5" | - | - |
Safe
|
| Hp Search vendor "Hp" | 280 G5 Small Form Factor Firmware Search vendor "Hp" for product "280 G5 Small Form Factor Firmware" | - | - |
Affected
| in | Hp Search vendor "Hp" | 280 G5 Small Form Factor Search vendor "Hp" for product "280 G5 Small Form Factor" | - | - |
Safe
|
| Hp Search vendor "Hp" | 280 G6 Firmware Search vendor "Hp" for product "280 G6 Firmware" | - | - |
Affected
| in | Hp Search vendor "Hp" | 280 G6 Search vendor "Hp" for product "280 G6" | - | - |
Safe
|
| Hp Search vendor "Hp" | 280 G8 Microtower Firmware Search vendor "Hp" for product "280 G8 Microtower Firmware" | - | - |
Affected
| in | Hp Search vendor "Hp" | 280 G8 Microtower Search vendor "Hp" for product "280 G8 Microtower" | - | - |
Safe
|
| Hp Search vendor "Hp" | 280 Pro G3 Firmware Search vendor "Hp" for product "280 Pro G3 Firmware" | - | - |
Affected
| in | Hp Search vendor "Hp" | 280 Pro G3 Search vendor "Hp" for product "280 Pro G3" | - | - |
Safe
|
| Hp Search vendor "Hp" | 280 Pro G4 Microtower Firmware Search vendor "Hp" for product "280 Pro G4 Microtower Firmware" | - | - |
Affected
| in | Hp Search vendor "Hp" | 280 Pro G4 Microtower Search vendor "Hp" for product "280 Pro G4 Microtower" | - | - |
Safe
|
| Hp Search vendor "Hp" | 280 Pro G5 Small Form Factor Firmware Search vendor "Hp" for product "280 Pro G5 Small Form Factor Firmware" | - | - |
Affected
| in | Hp Search vendor "Hp" | 280 Pro G5 Small Form Factor Search vendor "Hp" for product "280 Pro G5 Small Form Factor" | - | - |
Safe
|
| Hp Search vendor "Hp" | 282 G5 Firmware Search vendor "Hp" for product "282 G5 Firmware" | - | - |
Affected
| in | Hp Search vendor "Hp" | 282 G5 Search vendor "Hp" for product "282 G5" | - | - |
Safe
|
| Hp Search vendor "Hp" | 282 G6 Firmware Search vendor "Hp" for product "282 G6 Firmware" | - | - |
Affected
| in | Hp Search vendor "Hp" | 282 G6 Search vendor "Hp" for product "282 G6" | - | - |
Safe
|
| Hp Search vendor "Hp" | 282 Pro G4 Microtower Firmware Search vendor "Hp" for product "282 Pro G4 Microtower Firmware" | - | - |
Affected
| in | Hp Search vendor "Hp" | 282 Pro G4 Microtower Search vendor "Hp" for product "282 Pro G4 Microtower" | - | - |
Safe
|
| Hp Search vendor "Hp" | 288 G5 Firmware Search vendor "Hp" for product "288 G5 Firmware" | - | - |
Affected
| in | Hp Search vendor "Hp" | 288 G5 Search vendor "Hp" for product "288 G5" | - | - |
Safe
|
| Hp Search vendor "Hp" | 288 G6 Firmware Search vendor "Hp" for product "288 G6 Firmware" | - | - |
Affected
| in | Hp Search vendor "Hp" | 288 G6 Search vendor "Hp" for product "288 G6" | - | - |
Safe
|
| Hp Search vendor "Hp" | 288 Pro G4 Microtower Firmware Search vendor "Hp" for product "288 Pro G4 Microtower Firmware" | - | - |
Affected
| in | Hp Search vendor "Hp" | 288 Pro G4 Microtower Search vendor "Hp" for product "288 Pro G4 Microtower" | - | - |
Safe
|
| Hp Search vendor "Hp" | 290 G1 Firmware Search vendor "Hp" for product "290 G1 Firmware" | - | - |
Affected
| in | Hp Search vendor "Hp" | 290 G1 Search vendor "Hp" for product "290 G1" | - | - |
Safe
|
| Hp Search vendor "Hp" | 290 G2 Firmware Search vendor "Hp" for product "290 G2 Firmware" | - | - |
Affected
| in | Hp Search vendor "Hp" | 290 G2 Search vendor "Hp" for product "290 G2" | - | - |
Safe
|
| Hp Search vendor "Hp" | 290 G2 Microtower Firmware Search vendor "Hp" for product "290 G2 Microtower Firmware" | - | - |
Affected
| in | Hp Search vendor "Hp" | 290 G2 Microtower Search vendor "Hp" for product "290 G2 Microtower" | - | - |
Safe
|
| Hp Search vendor "Hp" | 290 G3 Firmware Search vendor "Hp" for product "290 G3 Firmware" | - | - |
Affected
| in | Hp Search vendor "Hp" | 290 G3 Search vendor "Hp" for product "290 G3" | - | - |
Safe
|
| Hp Search vendor "Hp" | 290 G3 Small Form Factor Firmware Search vendor "Hp" for product "290 G3 Small Form Factor Firmware" | - | - |
Affected
| in | Hp Search vendor "Hp" | 290 G3 Small Form Factor Search vendor "Hp" for product "290 G3 Small Form Factor" | - | - |
Safe
|
| Hp Search vendor "Hp" | 290 G4 Firmware Search vendor "Hp" for product "290 G4 Firmware" | - | - |
Affected
| in | Hp Search vendor "Hp" | 290 G4 Search vendor "Hp" for product "290 G4" | - | - |
Safe
|
| Hp Search vendor "Hp" | Desktop Pro G1 Microtower Firmware Search vendor "Hp" for product "Desktop Pro G1 Microtower Firmware" | - | - |
Affected
| in | Hp Search vendor "Hp" | Desktop Pro G1 Microtower Search vendor "Hp" for product "Desktop Pro G1 Microtower" | - | - |
Safe
|
| Hp Search vendor "Hp" | Pro Small Form Factor 280 G9 Desktop Firmware Search vendor "Hp" for product "Pro Small Form Factor 280 G9 Desktop Firmware" | - | - |
Affected
| in | Hp Search vendor "Hp" | Pro Small Form Factor 280 G9 Desktop Search vendor "Hp" for product "Pro Small Form Factor 280 G9 Desktop" | - | - |
Safe
|
| Hp Search vendor "Hp" | Pro Small Form Factor 290 G9 Desktop Firmware Search vendor "Hp" for product "Pro Small Form Factor 290 G9 Desktop Firmware" | - | - |
Affected
| in | Hp Search vendor "Hp" | Pro Small Form Factor 290 G9 Desktop Search vendor "Hp" for product "Pro Small Form Factor 290 G9 Desktop" | - | - |
Safe
|
| Hp Search vendor "Hp" | Pro Small Form Factor Zhan 66 G9 Desktop Firmware Search vendor "Hp" for product "Pro Small Form Factor Zhan 66 G9 Desktop Firmware" | - | - |
Affected
| in | Hp Search vendor "Hp" | Pro Small Form Factor Zhan 66 G9 Desktop Search vendor "Hp" for product "Pro Small Form Factor Zhan 66 G9 Desktop" | - | - |
Safe
|
| Hp Search vendor "Hp" | Pro Tower 200 G9 Desktop Firmware Search vendor "Hp" for product "Pro Tower 200 G9 Desktop Firmware" | - | - |
Affected
| in | Hp Search vendor "Hp" | Pro Tower 200 G9 Desktop Search vendor "Hp" for product "Pro Tower 200 G9 Desktop" | - | - |
Safe
|
| Hp Search vendor "Hp" | Pro Tower 280 G9 Desktop Firmware Search vendor "Hp" for product "Pro Tower 280 G9 Desktop Firmware" | - | - |
Affected
| in | Hp Search vendor "Hp" | Pro Tower 280 G9 Desktop Search vendor "Hp" for product "Pro Tower 280 G9 Desktop" | - | - |
Safe
|
| Hp Search vendor "Hp" | Pro Tower 290 G9 Desktop Firmware Search vendor "Hp" for product "Pro Tower 290 G9 Desktop Firmware" | - | - |
Affected
| in | Hp Search vendor "Hp" | Pro Tower 290 G9 Desktop Search vendor "Hp" for product "Pro Tower 290 G9 Desktop" | - | - |
Safe
|
| Hp Search vendor "Hp" | Pro Tower Zhan 99 G9 Desktop Firmware Search vendor "Hp" for product "Pro Tower Zhan 99 G9 Desktop Firmware" | - | - |
Affected
| in | Hp Search vendor "Hp" | Pro Tower Zhan 99 G9 Desktop Search vendor "Hp" for product "Pro Tower Zhan 99 G9 Desktop" | - | - |
Safe
|
| Hp Search vendor "Hp" | Proone 240 G10 Firmware Search vendor "Hp" for product "Proone 240 G10 Firmware" | - | - |
Affected
| in | Hp Search vendor "Hp" | Proone 240 G10 Search vendor "Hp" for product "Proone 240 G10" | - | - |
Safe
|
| Hp Search vendor "Hp" | Proone 240 G9 Firmware Search vendor "Hp" for product "Proone 240 G9 Firmware" | - | - |
Affected
| in | Hp Search vendor "Hp" | Proone 240 G9 Search vendor "Hp" for product "Proone 240 G9" | - | - |
Safe
|
| Hp Search vendor "Hp" | Proone 440 G3 Firmware Search vendor "Hp" for product "Proone 440 G3 Firmware" | - | - |
Affected
| in | Hp Search vendor "Hp" | Proone 440 G3 Search vendor "Hp" for product "Proone 440 G3" | - | - |
Safe
|
| Hp Search vendor "Hp" | Proone 490 G3 Firmware Search vendor "Hp" for product "Proone 490 G3 Firmware" | - | - |
Affected
| in | Hp Search vendor "Hp" | Proone 490 G3 Search vendor "Hp" for product "Proone 490 G3" | - | - |
Safe
|
| Hp Search vendor "Hp" | Proone 496 G3 Firmware Search vendor "Hp" for product "Proone 496 G3 Firmware" | - | - |
Affected
| in | Hp Search vendor "Hp" | Proone 496 G3 Search vendor "Hp" for product "Proone 496 G3" | - | - |
Safe
|
| Hp Search vendor "Hp" | Z Vr Backpack G1 Workstation Firmware Search vendor "Hp" for product "Z Vr Backpack G1 Workstation Firmware" | - | - |
Affected
| in | Hp Search vendor "Hp" | Z Vr Backpack G1 Workstation Search vendor "Hp" for product "Z Vr Backpack G1 Workstation" | - | - |
Safe
|
| Hp Search vendor "Hp" | Zhan 86 Pro G2 Microtower Firmware Search vendor "Hp" for product "Zhan 86 Pro G2 Microtower Firmware" | - | - |
Affected
| in | Hp Search vendor "Hp" | Zhan 86 Pro G2 Microtower Search vendor "Hp" for product "Zhan 86 Pro G2 Microtower" | - | - |
Safe
|
| Hp Search vendor "Hp" | Zhan 99 Pro G1 Microtower Firmware Search vendor "Hp" for product "Zhan 99 Pro G1 Microtower Firmware" | - | - |
Affected
| in | Hp Search vendor "Hp" | Zhan 99 Pro G1 Microtower Search vendor "Hp" for product "Zhan 99 Pro G1 Microtower" | - | - |
Safe
|