Vulnerability Details CVE-2023-26299
A potential Time-of-Check to Time-of-Use (TOCTOU) vulnerability has been identified in certain HP PC products using AMI UEFI Firmware (system BIOS), which might allow arbitrary code execution. AMI has released updates to mitigate the potential vulnerability.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.002
EPSS Ranking 37.2%
CVSS Severity
CVSS v3 Score 7.0
References
Products affected by CVE-2023-26299
-
cpe:2.3:h:hp:200_g3:-
-
cpe:2.3:h:hp:200_g4_22_all-in-one:-
-
cpe:2.3:h:hp:200_pro_g4_22_all-in-one:-
-
cpe:2.3:h:hp:205_g4_22_all-in-one:-
-
cpe:2.3:h:hp:205_pro_g4_22_all-in-one:-
-
cpe:2.3:h:hp:240_g10:-
-
cpe:2.3:h:hp:245_g6:-
-
cpe:2.3:h:hp:245_g7:-
-
cpe:2.3:h:hp:245_g8:-
-
cpe:2.3:h:hp:247_g8:-
-
cpe:2.3:h:hp:250_g10:-
-
cpe:2.3:h:hp:255_g10:-
-
cpe:2.3:h:hp:260_g4_desktop_mini:-
-
cpe:2.3:h:hp:280_g3:-
-
cpe:2.3:h:hp:280_g4:-
-
cpe:2.3:h:hp:280_g4_microtower:-
-
cpe:2.3:h:hp:280_g5:-
-
cpe:2.3:h:hp:280_g5_small_form_factor:-
-
cpe:2.3:h:hp:280_g6:-
-
cpe:2.3:h:hp:280_g8_microtower:-
-
cpe:2.3:h:hp:280_pro_g3:-
-
cpe:2.3:h:hp:280_pro_g4_microtower:-
-
cpe:2.3:h:hp:280_pro_g5_small_form_factor:-
-
cpe:2.3:h:hp:282_g5:-
-
cpe:2.3:h:hp:282_g6:-
-
cpe:2.3:h:hp:282_pro_g4_microtower:-
-
cpe:2.3:h:hp:288_g5:-
-
cpe:2.3:h:hp:288_g6:-
-
cpe:2.3:h:hp:288_pro_g4_microtower:-
-
cpe:2.3:h:hp:290_g1:-
-
cpe:2.3:h:hp:290_g2:-
-
cpe:2.3:h:hp:290_g2_microtower:-
-
cpe:2.3:h:hp:290_g3:-
-
cpe:2.3:h:hp:290_g3_small_form_factor:-
-
cpe:2.3:h:hp:290_g4:-
-
cpe:2.3:h:hp:349_g7:-
-
cpe:2.3:h:hp:470_g10:-
-
cpe:2.3:h:hp:470_g9:-
-
cpe:2.3:h:hp:desktop_pro_g1_microtower:-
-
cpe:2.3:h:hp:pro_small_form_factor_280_g9_desktop:-
-
cpe:2.3:h:hp:pro_small_form_factor_290_g9_desktop:-
-
cpe:2.3:h:hp:pro_small_form_factor_zhan_66_g9_desktop:-
-
cpe:2.3:h:hp:pro_tower_200_g9_desktop:-
-
cpe:2.3:h:hp:pro_tower_280_g9_desktop:-
-
cpe:2.3:h:hp:pro_tower_290_g9_desktop:-
-
cpe:2.3:h:hp:pro_tower_zhan_99_g9_desktop:-
-
cpe:2.3:h:hp:proone_240_g10:-
-
cpe:2.3:h:hp:proone_240_g9:-
-
cpe:2.3:h:hp:proone_440_g3:-
-
cpe:2.3:h:hp:proone_490_g3:-
-
cpe:2.3:h:hp:proone_496_g3:-
-
cpe:2.3:h:hp:t430:-
-
cpe:2.3:h:hp:t628:-
-
cpe:2.3:h:hp:vr_backpack_g2:-
-
cpe:2.3:h:hp:z_vr_backpack_g1_workstation:-
-
cpe:2.3:h:hp:zhan_86_pro_g2_microtower:-
-
cpe:2.3:h:hp:zhan_99_g2:-
-
cpe:2.3:h:hp:zhan_99_g4:-
-
cpe:2.3:h:hp:zhan_99_pro_g1_microtower:-
-
cpe:2.3:o:hp:200_g3_firmware:-
-
cpe:2.3:o:hp:200_g4_22_all-in-one_firmware:-
-
cpe:2.3:o:hp:200_pro_g4_22_all-in-one_firmware:-
-
cpe:2.3:o:hp:205_g4_22_all-in-one_firmware:-
-
cpe:2.3:o:hp:205_pro_g4_22_all-in-one_firmware:-
-
cpe:2.3:o:hp:240_g10_firmware:*
-
cpe:2.3:o:hp:245_g6_firmware:*
-
cpe:2.3:o:hp:245_g7_firmware:*
-
cpe:2.3:o:hp:245_g8_firmware:*
-
cpe:2.3:o:hp:247_g8_firmware:*
-
cpe:2.3:o:hp:250_g10_firmware:*
-
cpe:2.3:o:hp:255_g10_firmware:*
-
cpe:2.3:o:hp:260_g4_desktop_mini_firmware:-
-
cpe:2.3:o:hp:280_g3_firmware:-
-
cpe:2.3:o:hp:280_g4_firmware:-
-
cpe:2.3:o:hp:280_g4_microtower_firmware:-
-
cpe:2.3:o:hp:280_g5_firmware:-
-
cpe:2.3:o:hp:280_g5_small_form_factor_firmware:-
-
cpe:2.3:o:hp:280_g6_firmware:-
-
cpe:2.3:o:hp:280_g8_microtower_firmware:-
-
cpe:2.3:o:hp:280_pro_g3_firmware:-
-
cpe:2.3:o:hp:280_pro_g4_microtower_firmware:-
-
cpe:2.3:o:hp:280_pro_g5_small_form_factor_firmware:-
-
cpe:2.3:o:hp:282_g5_firmware:-
-
cpe:2.3:o:hp:282_g6_firmware:-
-
cpe:2.3:o:hp:282_pro_g4_microtower_firmware:-
-
cpe:2.3:o:hp:288_g5_firmware:-
-
cpe:2.3:o:hp:288_g6_firmware:-
-
cpe:2.3:o:hp:288_pro_g4_microtower_firmware:-
-
cpe:2.3:o:hp:290_g1_firmware:-
-
cpe:2.3:o:hp:290_g2_firmware:-
-
cpe:2.3:o:hp:290_g2_microtower_firmware:-
-
cpe:2.3:o:hp:290_g3_firmware:-
-
cpe:2.3:o:hp:290_g3_small_form_factor_firmware:-
-
cpe:2.3:o:hp:290_g4_firmware:-
-
cpe:2.3:o:hp:349_g7_firmware:*
-
cpe:2.3:o:hp:470_g10_firmware:*
-
cpe:2.3:o:hp:470_g9_firmware:*
-
cpe:2.3:o:hp:desktop_pro_g1_microtower_firmware:-
-
cpe:2.3:o:hp:pro_small_form_factor_280_g9_desktop_firmware:-
-
cpe:2.3:o:hp:pro_small_form_factor_290_g9_desktop_firmware:-
-
cpe:2.3:o:hp:pro_small_form_factor_zhan_66_g9_desktop_firmware:-
-
cpe:2.3:o:hp:pro_tower_200_g9_desktop_firmware:-
-
cpe:2.3:o:hp:pro_tower_280_g9_desktop_firmware:-
-
cpe:2.3:o:hp:pro_tower_290_g9_desktop_firmware:-
-
cpe:2.3:o:hp:pro_tower_zhan_99_g9_desktop_firmware:-
-
cpe:2.3:o:hp:proone_240_g10_firmware:-
-
cpe:2.3:o:hp:proone_240_g9_firmware:-
-
cpe:2.3:o:hp:proone_440_g3_firmware:-
-
cpe:2.3:o:hp:proone_490_g3_firmware:-
-
cpe:2.3:o:hp:proone_496_g3_firmware:-
-
cpe:2.3:o:hp:t430_firmware:*
-
cpe:2.3:o:hp:t628_firmware:*
-
cpe:2.3:o:hp:vr_backpack_g2_firmware:*
-
cpe:2.3:o:hp:z_vr_backpack_g1_workstation_firmware:-
-
cpe:2.3:o:hp:zhan_86_pro_g2_microtower_firmware:-
-
cpe:2.3:o:hp:zhan_99_g2_firmware:*
-
cpe:2.3:o:hp:zhan_99_g4_firmware:*
-
cpe:2.3:o:hp:zhan_99_pro_g1_microtower_firmware:-