{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2022-43779", "assignerOrgId": "74586083-13ce-40fd-b46a-8e5d23cfbcb2", "state": "PUBLISHED", "assignerShortName": "hp", "dateReserved": "2022-10-26T14:39:32.656Z", "datePublished": "2023-02-03T16:42:10.283Z", "dateUpdated": "2024-08-03T13:40:06.295Z"}, "containers": {"cna": {"descriptions": [{"lang": "en", "value": "A potential Time-of-Check to Time-of-Use (TOCTOU) vulnerability has been identified in certain HP PC products using AMI UEFI Firmware (system BIOS) which might allow arbitrary code execution, denial of service, and information disclosure. AMI has released updates to mitigate the potential vulnerability."}], "affected": [{"versions": [{"version": "See HP Security Bulletin reference for affected versions.", "status": "affected"}], "product": "HP PC products using AMI UEFI Firmware", "vendor": "HP Inc."}], "references": [{"url": "https://support.hp.com/us-en/document/ish_7394557-7394585-16/hpsbhf03829"}], "providerMetadata": {"orgId": "74586083-13ce-40fd-b46a-8e5d23cfbcb2", "shortName": "hp", "dateUpdated": "2023-02-12T01:45:42.615671Z"}, "x_generator": {"engine": "cveClient/1.0.13"}, "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}]}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-03T13:40:06.295Z"}, "title": "CVE Program Container", "references": [{"url": "https://support.hp.com/us-en/document/ish_7394557-7394585-16/hpsbhf03829", "tags": ["x_transferred"]}]}]}}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:hp:348_g4_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "FEE153A6-4830-4AFE-8686-7A565DA17AC8", "versionEndExcluding": "f.65", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:hp:348_g4:-:*:*:*:*:*:*:*", "matchCriteriaId": "49DAEC47-59F9-4DB5-9A7D-99ED68DE702E", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:hp:260_g2_desktop_mini_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "557E5418-A72F-4C32-A8A5-0BA2E6D86F76", "versionEndExcluding": "2.26", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:hp:260_g2_desktop_mini:-:*:*:*:*:*:*:*", "matchCriteriaId": "B46A5A35-548C-4D8A-8615-155BE636D0DA", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:hp:218_pro_g5_mt_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "A8BC161C-763B-4245-92FA-DD3409C2CEBD", "versionEndExcluding": "f15", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:hp:218_pro_g5_mt:-:*:*:*:*:*:*:*", "matchCriteriaId": "611B7336-44A2-4A6A-94A2-9C6A55E6B878", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:hp:260_g3_desktop_mini_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "28D3AFD7-5EC1-49CB-8940-31D54D34145D", "versionEndExcluding": "02.20.00", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:hp:260_g3_desktop_mini:-:*:*:*:*:*:*:*", "matchCriteriaId": "F5AFD7D7-554B-426F-873E-F240A34C1178", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:hp:260_g4_desktop_mini_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "3FE54A16-C1C9-4316-944B-185EB5DD8137", "versionEndExcluding": "02.12.00", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:hp:260_g4_desktop_mini:-:*:*:*:*:*:*:*", "matchCriteriaId": "B1A3C361-80EC-4776-9949-3CB5B4319A65", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:hp:280_g3_microtower_pc_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "F89E8E31-A6D5-41E8-B7DC-8B12EDD10689", "versionEndExcluding": "02.02.40", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:hp:280_g3_microtower_pc:-:*:*:*:*:*:*:*", "matchCriteriaId": "F80CC04F-9AAE-47B6-9F6D-A20E7FB58D57", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:hp:280_g3_pci_microtower_pc_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "BF066652-0581-4C5A-AF12-0D1425C70B26", "versionEndExcluding": "02.02.40", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:hp:280_g3_pci_microtower_pc:-:*:*:*:*:*:*:*", "matchCriteriaId": "6488C91D-C3B6-4DBC-AB84-66C034F12F85", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:hp:288_pro_g3_microtower_pc_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "592EF5D6-CC6D-4AB5-9E9D-D1505D01043D", "versionEndExcluding": "00.02.40", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:hp:288_pro_g3_microtower_pc:-:*:*:*:*:*:*:*", "matchCriteriaId": "A33680A7-EB8D-45A4-8F3D-C7D1657471B5", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:hp:290_g1_microtower_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "F87FB74C-93C1-42D5-99CC-955C84CAB676", "versionEndExcluding": "00.02.40", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:hp:290_g1_microtower:-:*:*:*:*:*:*:*", "matchCriteriaId": "916FDAB3-6BE7-4783-BCDA-03519A090755", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:hp:desktop_pro_300_g3_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "B5E0D0B3-B543-43A0-BAE4-26D6360C1112", "versionEndExcluding": "f15", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:hp:desktop_pro_300_g3:-:*:*:*:*:*:*:*", "matchCriteriaId": "CC1CA282-C10A-450C-AC5C-7D4DB28B7769", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:hp:desktop_pro_a_300_g3_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "9C4A67C7-3B7F-4AB5-BC59-FC9C1DAC92F6", "versionEndExcluding": "f12", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:hp:desktop_pro_a_300_g3:-:*:*:*:*:*:*:*", "matchCriteriaId": "CC252085-28AD-4B4B-B3F2-46A79EC4454E", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:hp:desktop_pro_a_g2_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "7C7D086F-37FD-4E6C-850F-84C6A1F82716", "versionEndExcluding": "f.11", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:hp:desktop_pro_a_g2:-:*:*:*:*:*:*:*", "matchCriteriaId": "1B71FF05-319E-4AF9-898A-535C47296918", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:hp:desktop_pro_a_g2_microtower_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "D7F4D44A-229F-4F20-A428-752C5C3653B0", "versionEndExcluding": "f.11", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:hp:desktop_pro_a_g2_microtower:-:*:*:*:*:*:*:*", "matchCriteriaId": "2F2483BA-E501-46EE-9E65-A3B80A3354C9", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:hp:desktop_pro_a_g3_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "C92281F0-A9A6-4A91-A476-D2297F19C9EB", "versionEndExcluding": "f12", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:hp:desktop_pro_a_g3:-:*:*:*:*:*:*:*", "matchCriteriaId": "AEB20EDC-6674-40ED-8A47-B742837D1E29", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:hp:desktop_pro_a_g3_microtower_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "CEC30EED-1990-4D47-B1CD-1FB7E62BBC6E", "versionEndExcluding": "f12", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:hp:desktop_pro_a_g3_microtower:-:*:*:*:*:*:*:*", "matchCriteriaId": "37108B1D-2BED-42D6-87A4-596E75FB645F", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:hp:desktop_pro_g3_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "F9E162B6-B3F4-4F58-91ED-186EC919D928", "versionEndExcluding": "f15", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:hp:desktop_pro_g3:-:*:*:*:*:*:*:*", "matchCriteriaId": "BABA54B2-6DD5-4CEE-A0DF-5C7B498E38BF", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:hp:desktop_pro_g3_microtower_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "B0253ED0-B9FF-4050-8F6F-9D0A65511BB5", "versionEndExcluding": "f15", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:hp:desktop_pro_g3_microtower:-:*:*:*:*:*:*:*", "matchCriteriaId": "1DE0F273-92B2-448A-B8F1-7EB1F132B74A", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:hp:desktop_pro_microtower_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "8053C388-2231-4DDB-AF1D-84A73FAE9925", "versionEndExcluding": "00.02.40", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:hp:desktop_pro_microtower:-:*:*:*:*:*:*:*", "matchCriteriaId": "260A0E1E-1B35-43A1-B0AF-696942DCC932", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:hp:zhan_66_pro_a_g1_microtower_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "3976A254-EA9D-4976-B041-98F1F8DA6130", "versionEndExcluding": "f.11", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:hp:zhan_66_pro_a_g1_microtower:-:*:*:*:*:*:*:*", "matchCriteriaId": "9B21CB1F-1AA7-4983-B89A-DB4F655F327B", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:hp:zhan_66_pro_a_g1_r_microtower_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "A1289BC6-AFF4-4FCE-A3AA-D5D6037F7549", "versionEndExcluding": "f12", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:hp:zhan_66_pro_a_g1_r_microtower:-:*:*:*:*:*:*:*", "matchCriteriaId": "39465F25-77A7-401E-A198-B052064AA241", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:hp:zhan_66_pro_g1_r_microtower_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "10C50921-3336-47CF-BBC8-D94B924A29F8", "versionEndExcluding": "f15", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:hp:zhan_66_pro_g1_r_microtower:-:*:*:*:*:*:*:*", "matchCriteriaId": "44F52B8E-14B4-4967-B243-DFDB7037E6EC", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:hp:zhan_86_pro_g1_microtower_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "56BDBFDB-5E52-47C5-923A-9E5C24795261", "versionEndExcluding": "00.02.40", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:hp:zhan_86_pro_g1_microtower:-:*:*:*:*:*:*:*", "matchCriteriaId": "AACFA1BA-C08E-4659-B6A7-E957DDB72C36", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:hp:rp2_retail_system_2000_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "864FDD6C-D435-4C96-A882-62120DA6E1D0", "versionEndExcluding": "2.24", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:hp:rp2_retail_system_2000:-:*:*:*:*:*:*:*", "matchCriteriaId": "56681D4A-2D4B-495F-85E3-635F51E7A63D", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:hp:rp2_retail_system_2020_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "ACDD5962-2CCE-45F6-97E3-1F962EBD938D", "versionEndExcluding": "2.24", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:hp:rp2_retail_system_2020:-:*:*:*:*:*:*:*", "matchCriteriaId": "9270F8AA-88E9-456C-A571-3D2DF1D06363", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:hp:rp2_retail_system_2030_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "47F3C45A-3762-4EAB-BFC7-5D2EDD03D760", "versionEndExcluding": "2.24", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:hp:rp2_retail_system_2030:-:*:*:*:*:*:*:*", "matchCriteriaId": "BAC73F0F-09F9-4916-B0DD-DB69D6699CB2", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}], "cveTags": [], "descriptions": [{"lang": "en", "value": "A potential Time-of-Check to Time-of-Use (TOCTOU) vulnerability has been identified in certain HP PC products using AMI UEFI Firmware (system BIOS) which might allow arbitrary code execution, denial of service, and information disclosure. AMI has released updates to mitigate the potential vulnerability."}], "id": "CVE-2022-43779", "lastModified": "2023-02-21T21:15:29.363", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "HIGH", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.0, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 1.0, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2023-02-12T04:15:16.060", "references": [{"source": "hp-security-alert@hp.com", "tags": ["Patch", "Vendor Advisory"], "url": "https://support.hp.com/us-en/document/ish_7394557-7394585-16/hpsbhf03829"}], "sourceIdentifier": "hp-security-alert@hp.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-367"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{}