CVE-2016-2243

moderate-risk
Published 2016-03-04

Sure Start on HP Commercial PCs 2015 allows local users to cause a denial of service (BIOS recovery failure) by leveraging administrative access.

Do I need to act?

-
0.04% chance of exploitation
EPSS score — low exploit probability
-
Not on CISA KEV list
No confirmed active exploitation reported to CISA
?
Patch status unknown
Check vendor advisories for fix availability and mitigation guidance
7
CVSS 7.9/10 High
LOCAL / LOW complexity

Affected Products (15)

700 Series Firmware
Z240 Firmware
700 Series Firmware
Z238 Firmware
1000 Series Firmware
1000 Series Firmware
700 Series Firmware
700 Series Firmware
Zbook Firmware
800 Series Firmware
Zbook Firmware
800 Series Firmware
Elitebook Folio 1012 X2 G2
1000 Series Firmware
700 Series Firmware

Affected Vendors

Hp

References (4)

http://www.securitytracker.com/id/1035193
Vendor Advisory https://h20565.www2.hp.com/hpsc/doc/public/display?docId=emr_na-c05012469
http://www.securitytracker.com/id/1035193
Vendor Advisory https://h20565.www2.hp.com/hpsc/doc/public/display?docId=emr_na-c05012469
43
/ 100
moderate-risk
Severity 25/34 · High
Exploitability 0/34 · Minimal
Exposure 18/34 · Moderate