CVE-2022-31643

moderate-risk

Published 2023-04-28

A potential security vulnerability has been identified in the system BIOS for certain HP PC products which may allow loss of integrity. HP is releasing firmware updates to mitigate the potential vulnerability.

Do I need to act?

0.09% chance of exploitation

EPSS score — low exploit probability

Not on CISA KEV list

No confirmed active exploitation reported to CISA

Patch status unknown

Check vendor advisories for fix availability and mitigation guidance

CVSS 5.5/10 Medium

LOCAL / LOW complexity

Affected Products (20)

Elite Dragonfly G3 Firmware

Dragonfly Folio G3 Firmware

Elite Dragonfly G2 Firmware

Elite Dragonfly Max Firmware

Elite X2 G8 Firmware

Elite X360 1040 G9 Firmware

Elite X360 830 G9 Firmware

Elitebook 1040 G9 Firmware

Elitebook 630 G9 Firmware

Elitebook 640 G9 Firmware

Elitebook 645 G9 Firmware

Elitebook 650 G9 Firmware

Elitebook 655 G9 Firmware

Elitebook 830 G9 Firmware

Elitebook 830 G8 Firmware

Elitebook 835 G9 Firmware

Elitebook 835 G8 Firmware

Elitebook 840 G9 Firmware

Elitebook 840 Aero G8 Firmware

Elitebook 840 G8 Firmware

Affected Vendors

References (2)

Vendor Advisory https://support.hp.com/us-en/document/ish_7013183-7013209-16/hpsbhf03812

/ 100

moderate-risk

Severity 18/34 · Moderate

Exploitability 0/34 · Minimal

Exposure 29/34 · Critical