{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2024-2207", "assignerOrgId": "74586083-13ce-40fd-b46a-8e5d23cfbcb2", "state": "PUBLISHED", "assignerShortName": "hp", "dateReserved": "2024-03-05T22:33:59.358Z", "datePublished": "2024-11-12T19:24:46.327Z", "dateUpdated": "2024-11-13T18:26:16.314Z"}, "containers": {"cna": {"affected": [{"defaultStatus": "unknown", "product": "SECOMN64 Driver", "vendor": "Sound Research", "versions": [{"status": "affected", "version": "See HP Security Bulletin reference for affected versions."}]}], "descriptions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "<span style=\"background-color: rgb(255, 255, 255);\">Potential vulnerabilities have been identified in the audio package for certain HP PC products using the Sound Research SECOMN64 driver, which might allow escalation of privilege. Sound Research has released driver updates to mitigate the potential vulnerabilities.</span>"}], "value": "Potential vulnerabilities have been identified in the audio package for certain HP PC products using the Sound Research SECOMN64 driver, which might allow escalation of privilege. Sound Research has released driver updates to mitigate the potential vulnerabilities."}], "metrics": [{"cvssV3_1": {"attackComplexity": "HIGH", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 6, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:L/I:H/A:H", "version": "3.1"}, "format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "problemTypes": [{"descriptions": [{"cweId": "CWE-427", "description": "CWE-427 Uncontrolled Search Path Element", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"orgId": "74586083-13ce-40fd-b46a-8e5d23cfbcb2", "shortName": "hp", "dateUpdated": "2024-11-12T19:24:46.327Z"}, "references": [{"url": "https://support.hp.com/us-en/document/ish_11567250-11567490-16/hpsbhf03987"}], "source": {"discovery": "UNKNOWN"}, "title": "Sound Research SECOMN64 Escalation of Privilege", "x_generator": {"engine": "Vulnogram 0.2.0"}}, "adp": [{"affected": [{"vendor": "hewlett_packard_enterprise", "product": "sound_research_secomn64_driver", "cpes": ["cpe:2.3:a:hewlett_packard_enterprise:sound_research_secomn64_driver:*:*:*:*:*:*:*:*"], "defaultStatus": "unknown", "versions": [{"version": "1", "status": "affected"}]}], "metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2024-11-13T18:24:18.622087Z", "id": "CVE-2024-2207", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-11-13T18:26:16.314Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2024-2207", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "version": "2.0.3", "timestamp": "2024-11-13T18:24:18.622087Z"}}}], "affected": [{"cpes": ["cpe:2.3:a:hewlett_packard_enterprise:sound_research_secomn64_driver:*:*:*:*:*:*:*:*"], "vendor": "hewlett_packard_enterprise", "product": "sound_research_secomn64_driver", "versions": [{"status": "affected", "version": "1"}], "defaultStatus": "unknown"}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-11-13T18:26:02.983Z"}}], "cna": {"title": "Sound Research SECOMN64 Escalation of Privilege", "source": {"discovery": "UNKNOWN"}, "metrics": [{"format": "CVSS", "cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 6, "attackVector": "LOCAL", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:L/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "HIGH", "availabilityImpact": "HIGH", "privilegesRequired": "HIGH", "confidentialityImpact": "LOW"}, "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "affected": [{"vendor": "Sound Research", "product": "SECOMN64 Driver", "versions": [{"status": "affected", "version": "See HP Security Bulletin reference for affected versions."}], "defaultStatus": "unknown"}], "references": [{"url": "https://support.hp.com/us-en/document/ish_11567250-11567490-16/hpsbhf03987"}], "x_generator": {"engine": "Vulnogram 0.2.0"}, "descriptions": [{"lang": "en", "value": "Potential vulnerabilities have been identified in the audio package for certain HP PC products using the Sound Research SECOMN64 driver, which might allow escalation of privilege. Sound Research has released driver updates to mitigate the potential vulnerabilities.", "supportingMedia": [{"type": "text/html", "value": "<span style=\"background-color: rgb(255, 255, 255);\">Potential vulnerabilities have been identified in the audio package for certain HP PC products using the Sound Research SECOMN64 driver, which might allow escalation of privilege. Sound Research has released driver updates to mitigate the potential vulnerabilities.</span>", "base64": false}]}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-427", "description": "CWE-427 Uncontrolled Search Path Element"}]}], "providerMetadata": {"orgId": "74586083-13ce-40fd-b46a-8e5d23cfbcb2", "shortName": "hp", "dateUpdated": "2024-11-12T19:24:46.327Z"}}}, "cveMetadata": {"cveId": "CVE-2024-2207", "state": "PUBLISHED", "dateUpdated": "2024-11-13T18:26:16.314Z", "dateReserved": "2024-03-05T22:33:59.358Z", "assignerOrgId": "74586083-13ce-40fd-b46a-8e5d23cfbcb2", "datePublished": "2024-11-12T19:24:46.327Z", "assignerShortName": "hp"}, "dataVersion": "5.1"}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "Potential vulnerabilities have been identified in the audio package for certain HP PC products using the Sound Research SECOMN64 driver, which might allow escalation of privilege. Sound Research has released driver updates to mitigate the potential vulnerabilities."}, {"lang": "es", "value": "Se han identificado posibles vulnerabilidades en el paquete de audio de ciertos productos de PC HP que utilizan el controlador Sound Research SECOMN64, lo que podr\u00eda permitir la escalada de privilegios. Sound Research ha publicado actualizaciones de controladores para mitigar las posibles vulnerabilidades."}], "id": "CVE-2024-2207", "lastModified": "2024-11-13T17:01:16.850", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "HIGH", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 6.0, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:L/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 0.5, "impactScore": 5.5, "source": "hp-security-alert@hp.com", "type": "Secondary"}]}, "published": "2024-11-12T20:15:06.120", "references": [{"source": "hp-security-alert@hp.com", "url": "https://support.hp.com/us-en/document/ish_11567250-11567490-16/hpsbhf03987"}], "sourceIdentifier": "hp-security-alert@hp.com", "vulnStatus": "Awaiting Analysis", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-427"}], "source": "hp-security-alert@hp.com", "type": "Secondary"}]}

{}