CVE-2023-5409
Severity Score
6.8
*CVSS v3.1
Exploit Likelihood
*EPSS
Affected Versions
*CPE
Public Exploits
0
*Multiple Sources
Exploited in Wild
-
*KEV
Decision
-
*SSVC
Descriptions
HP is aware of a potential security vulnerability in HP t430 and t638 Thin Client PCs. These models may be susceptible to a physical attack, allowing an untrusted source to tamper with the system firmware using a publicly disclosed private key. HP is providing recommended guidance for customers to reduce exposure to the potential vulnerability.
HP es consciente de una posible vulnerabilidad de seguridad en las PC Thin Client HP t430 y t638. Estos modelos pueden ser susceptibles a un ataque físico, lo que permite que una fuente no confiable altere el firmware del sistema utilizando una clave privada divulgada públicamente. HP proporciona orientación recomendada para que los clientes reduzcan la exposición a la vulnerabilidad potencial.
*Credits:
N/A
CVSS Scores
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability
* Common Vulnerability Scoring System
SSVC
- Decision:-
Exploitation
Automatable
Tech. Impact
* Organization's Worst-case Scenario
Timeline
- 2023-10-04 CVE Reserved
- 2023-10-13 CVE Published
- 2024-08-02 CVE Updated
- 2024-11-14 EPSS Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
CAPEC
References (1)
| URL | Tag | Source |
|---|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|---|---|
| https://support.hp.com/us-en/document/ish_9441200-9441233-16 | 2023-10-20 |
| URL | Date | SRC |
|---|
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Hp Search vendor "Hp" | T430 Thin Client Firmware Search vendor "Hp" for product "T430 Thin Client Firmware" | - | - |
Affected
| in | Hp Search vendor "Hp" | T430 Thin Client Search vendor "Hp" for product "T430 Thin Client" | - | - |
Safe
|
| Hp Search vendor "Hp" | T638 Thin Client Firmware Search vendor "Hp" for product "T638 Thin Client Firmware" | - | - |
Affected
| in | Hp Search vendor "Hp" | T638 Thin Client Search vendor "Hp" for product "T638 Thin Client" | - | - |
Safe
|