Vulnerability Details CVE-2017-2751
A BIOS password extraction vulnerability has been reported on certain consumer notebooks with firmware F.22 and others. The BIOS password was stored in CMOS in a way that allowed it to be extracted. This applies to consumer notebooks launched in early 2014.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.044
EPSS Ranking 88.5%
CVSS Severity
CVSS v3 Score 4.6
CVSS v2 Score 2.1
References
Products affected by CVE-2017-2751
-
cpe:2.3:h:hp:compaq_14-h000:-
-
cpe:2.3:h:hp:compaq_14-s000:-
-
cpe:2.3:h:hp:compaq_cq45-900:-
-
cpe:2.3:h:hp:hp_1000-1300:-
-
cpe:2.3:h:hp:hp_14-g000:-
-
cpe:2.3:h:hp:hp_14-r000:-
-
cpe:2.3:h:hp:hp_15-r000:-
-
cpe:2.3:h:hp:hp_15-r500:-
-
cpe:2.3:h:hp:hp_240_g1:-
-
cpe:2.3:h:hp:hp_240_g3:-
-
cpe:2.3:h:hp:hp_245_g1:-
-
cpe:2.3:h:hp:hp_246:-
-
cpe:2.3:h:hp:hp_246_g3:-
-
cpe:2.3:h:hp:hp_250_g1_notebook_pc:-
-
cpe:2.3:h:hp:hp_255_g1_notebook_pc:-
-
cpe:2.3:h:hp:hp_255_g3:-
-
cpe:2.3:h:hp:hp_455:-
-
cpe:2.3:h:hp:hp_envy_100:-
-
cpe:2.3:h:hp:hp_envy_14-k100:-
-
cpe:2.3:h:hp:hp_envy_15-j000:-
-
cpe:2.3:h:hp:hp_envy_15-j100:-
-
cpe:2.3:h:hp:hp_envy_17-j100_leap_motion_se:-
-
cpe:2.3:h:hp:hp_envy_17_j100:-
-
cpe:2.3:h:hp:hp_envy_m6-n000:-
-
cpe:2.3:h:hp:hp_g14-a000:-
-
cpe:2.3:h:hp:hp_pavilion_10-f000:-
-
cpe:2.3:h:hp:hp_pavilion_11-n000:-
-
cpe:2.3:h:hp:hp_pavilion_14-n000:-
-
cpe:2.3:h:hp:hp_pavilion_15-n000:-
-
cpe:2.3:h:hp:hp_pavilion_15-n200:-
-
cpe:2.3:h:hp:hp_pavilion_15-n300:-
-
cpe:2.3:h:hp:hp_spectre_13-h200:-
-
cpe:2.3:h:hp:hp_spectre_x2_13-smb_pro:-
-
cpe:2.3:h:hp:hp_split_13-g200:-
-
cpe:2.3:o:hp:compaq_14-h000_firmware:-
-
cpe:2.3:o:hp:compaq_14-s000_firmware:-
-
cpe:2.3:o:hp:compaq_cq45-900_firmware:-
-
cpe:2.3:o:hp:hp_1000-1300_firmware:*
-
cpe:2.3:o:hp:hp_14-g000_firmware:*
-
cpe:2.3:o:hp:hp_14-r000_firmware:*
-
cpe:2.3:o:hp:hp_15-r000_firmware:*
-
cpe:2.3:o:hp:hp_15-r500_firmware:*
-
cpe:2.3:o:hp:hp_240_g1_firmware:*
-
cpe:2.3:o:hp:hp_240_g3_firmware:*
-
cpe:2.3:o:hp:hp_245_g1_firmware:*
-
cpe:2.3:o:hp:hp_246_firmware:*
-
cpe:2.3:o:hp:hp_246_g3_firmware:*
-
cpe:2.3:o:hp:hp_250_g1_notebook_pc_firmware:*
-
cpe:2.3:o:hp:hp_255_g1_notebook_pc_firmware:*
-
cpe:2.3:o:hp:hp_255_g3_firmware:*
-
cpe:2.3:o:hp:hp_455_firmware:*
-
cpe:2.3:o:hp:hp_envy_100_firmware:*
-
cpe:2.3:o:hp:hp_envy_14-k100_firmware:*
-
cpe:2.3:o:hp:hp_envy_15-j000_firmware:*
-
cpe:2.3:o:hp:hp_envy_15-j100_firmware:*
-
cpe:2.3:o:hp:hp_envy_17-j100_leap_motion_se_firmware:*
-
cpe:2.3:o:hp:hp_envy_17_j100_firmware:*
-
cpe:2.3:o:hp:hp_envy_m6-n000_firmware:*
-
cpe:2.3:o:hp:hp_g14-a000_firmware:*
-
cpe:2.3:o:hp:hp_pavilion_10-f000_firmware:*
-
cpe:2.3:o:hp:hp_pavilion_11-n000_firmware:*
-
cpe:2.3:o:hp:hp_pavilion_14-n000_firmware:*
-
cpe:2.3:o:hp:hp_pavilion_15-n000_firmware:*
-
cpe:2.3:o:hp:hp_pavilion_15-n200_firmware:*
-
cpe:2.3:o:hp:hp_pavilion_15-n300_firmware:*
-
cpe:2.3:o:hp:hp_spectre_13-h200_firmware:*
-
cpe:2.3:o:hp:hp_spectre_x2_13-smb_pro_firmware:*
-
cpe:2.3:o:hp:hp_split_13-g200_firmware:*