Vulnerability Description
A potential security vulnerability has been identified in the system BIOS for certain HP PC products which might allow escalation of privilege. HP is releasing firmware updates to mitigate the potential vulnerability.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Hp | Desktop Pro A 300 G3 Firmware | < f.13 |
| Hp | Desktop Pro A 300 G3 | - |
| Hp | Desktop Pro A G3 Firmware | < f.13 |
| Hp | Desktop Pro A G3 | - |
| Hp | Desktop Pro A G3 Microtower Firmware | < f.13 |
| Hp | Desktop Pro A G3 Microtower | - |
| Hp | Zhan 66 Pro A G1 R Microtower Firmware | < f.13 |
| Hp | Zhan 66 Pro A G1 R Microtower | - |
| Hp | T638 Thin Client Firmware | < 00.01.13 |
| Hp | T638 Thin Client | - |
| Hp | Stream 11 Pro G5 Firmware | < f.18 |
| Hp | Stream 11 Pro G5 | - |
| Hp | 240 G10 Firmware | < f.05 |
| Hp | 240 G10 | - |
| Hp | 240 G6 Firmware | < f.55 |
| Hp | 240 G6 | - |
| Hp | 240 G7 Firmware | < f.75 |
| Hp | 240 G7 | - |
| Hp | 240 G9 Firmware | < f.06 |
| Hp | 240 G9 | - |
References
- https://support.hp.com/us-en/document/ish_9461800-9461828-16PatchVendor Advisory
- https://support.hp.com/us-en/document/ish_9461800-9461828-16PatchVendor Advisory
FAQ
What is CVE-2023-26300?
CVE-2023-26300 is a vulnerability with a CVSS score of 7.8 (HIGH). A potential security vulnerability has been identified in the system BIOS for certain HP PC products which might allow escalation of privilege. HP is releasing firmware updates to mitigate the potenti...
How severe is CVE-2023-26300?
CVE-2023-26300 has been rated HIGH with a CVSS base score of 7.8/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2023-26300?
Check the references section above for vendor advisories and patch information. Affected products include: Hp Desktop Pro A 300 G3 Firmware, Hp Desktop Pro A 300 G3, Hp Desktop Pro A G3 Firmware, Hp Desktop Pro A G3, Hp Desktop Pro A G3 Microtower Firmware.