{"dataType": "CVE_RECORD", "dataVersion": "5.0", "cveMetadata": {"cveId": "CVE-2023-26299", "assignerOrgId": "74586083-13ce-40fd-b46a-8e5d23cfbcb2", "state": "PUBLISHED", "assignerShortName": "hp", "dateReserved": "2023-02-21T21:14:33.320Z", "datePublished": "2023-06-30T15:40:10.380Z", "dateUpdated": "2023-06-30T15:40:10.380Z"}, "containers": {"cna": {"descriptions": [{"lang": "en", "value": "A potential Time-of-Check to Time-of-Use (TOCTOU) vulnerability has been identified in certain HP PC products using AMI UEFI Firmware (system BIOS), which might allow arbitrary code execution. AMI has released updates to mitigate the potential vulnerability."}], "affected": [{"versions": [{"version": "See HP Security Bulletin reference for affected versions.", "status": "affected"}], "product": "HP PC products using AMI UEFI Firmware", "vendor": "HP Inc."}], "references": [{"url": "https://support.hp.com/us-en/document/ish_8642715-8642746-16/hpsbhf03850"}], "providerMetadata": {"orgId": "74586083-13ce-40fd-b46a-8e5d23cfbcb2", "shortName": "hp", "dateUpdated": "2023-06-30T15:40:10.380Z"}, "x_generator": {"engine": "cveClient/1.0.13"}}}}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:hp:260_g4_desktop_mini_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "2A22FB0D-69B1-4FDB-897E-6655D4DAB1A6", "versionEndExcluding": "2.14", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:hp:260_g4_desktop_mini:-:*:*:*:*:*:*:*", "matchCriteriaId": "B1A3C361-80EC-4776-9949-3CB5B4319A65", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:hp:t430_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "D9D1FB3A-EC66-4DA9-8590-798F8540C535", "versionEndExcluding": "00.01.11", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:hp:t430:-:*:*:*:*:*:*:*", "matchCriteriaId": "CA282389-B256-4E59-966A-F45533AB0D0E", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:hp:t628_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "833D2519-4340-4433-B0C0-4A832284E225", "versionEndExcluding": "00.01.10", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:hp:t628:-:*:*:*:*:*:*:*", "matchCriteriaId": "E211855B-CC97-4465-BB6B-6A21BE49EB8B", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:hp:240_g10_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "6A33B9BB-1078-4FE4-BE5B-979FACFDEFD2", "versionEndExcluding": "f.04", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:hp:240_g10:-:*:*:*:*:*:*:*", "matchCriteriaId": "228AB159-2035-4773-92C9-0B1A7C37E73A", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:hp:245_g6_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "D50716CA-7372-4C46-B97E-C371E98CC6CF", "versionEndExcluding": "f.35", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:hp:245_g6:-:*:*:*:*:*:*:*", "matchCriteriaId": "BC354FB1-6F4E-4024-88E3-1F0B9EB77E68", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:hp:245_g7_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "5F4A278A-B835-4502-BAB2-A96648ECE259", "versionEndExcluding": "f.69", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:hp:245_g7:-:*:*:*:*:*:*:*", "matchCriteriaId": "27CB115A-654B-40F2-AB3F-F1D676FE756D", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:hp:245_g8_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "E9CCDC7A-47B4-4687-B17D-2C1CB8F01E13", "versionEndExcluding": "f.25", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:hp:245_g8:-:*:*:*:*:*:*:*", "matchCriteriaId": "8848BD8C-43E0-4AC9-AA37-C27C909A469E", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:hp:247_g8_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "C968F11E-EA1E-42B0-9051-1387DF802D45", "versionEndExcluding": "f.69", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:hp:247_g8:-:*:*:*:*:*:*:*", "matchCriteriaId": "736C9B2B-A5F0-4563-A82D-3B505D38C2D4", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:hp:250_g10_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "F8B76F25-8713-49CD-AF80-82D58DF982AF", "versionEndExcluding": "f.05", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:hp:250_g10:-:*:*:*:*:*:*:*", "matchCriteriaId": "91114984-7DFD-47C2-A6B7-05CD9D0BB532", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:hp:255_g10_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "1F52095A-3E8B-471E-9E21-642C01C74273", "versionEndExcluding": "f.08", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:hp:255_g10:-:*:*:*:*:*:*:*", "matchCriteriaId": "006A02ED-2CFB-45DD-8481-0B3A13B0AB2F", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:hp:349_g7_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "C13930DF-BCF1-4413-BE0C-15C13D5E854F", "versionEndExcluding": "f.28", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:hp:349_g7:-:*:*:*:*:*:*:*", "matchCriteriaId": "83CABB74-43CD-4FD2-A17E-CC073E8FF830", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:hp:470_g10_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "F5184184-486E-4904-A516-9A80C2C3117E", "versionEndExcluding": "f.02", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:hp:470_g10:-:*:*:*:*:*:*:*", "matchCriteriaId": "B4FC06B5-340D-480B-9686-9F9463028A66", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:hp:470_g9_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "020CF0D0-9D10-4701-9243-CBAFF31741A1", "versionEndExcluding": "f.05", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:hp:470_g9:-:*:*:*:*:*:*:*", "matchCriteriaId": "B0B308D9-A986-4463-801F-A31AE190540F", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:hp:zhan_99_g2_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "243EEAE5-313A-4747-8556-5FCA66E0573A", "versionEndExcluding": "f.24", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:hp:zhan_99_g2:-:*:*:*:*:*:*:*", "matchCriteriaId": "A677B096-E4F2-424E-B06A-5B335FE0709A", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:hp:zhan_99_g4_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "E9A18242-A4EA-4E64-AAE9-7F7E91897557", "versionEndExcluding": "f.08", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:hp:zhan_99_g4:-:*:*:*:*:*:*:*", "matchCriteriaId": "DFFC67F1-A1EC-4BA8-86AF-567DC1272600", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:hp:vr_backpack_g2_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "95C468D7-7B09-4D14-ACFE-CDB8DC237E52", "versionEndExcluding": "f.28", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:hp:vr_backpack_g2:-:*:*:*:*:*:*:*", "matchCriteriaId": "73F034D5-E071-49D9-9DD0-084EE7B8DFD8", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:hp:200_g3_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "03BBAB9F-13D4-4C74-A42C-E2E27BAB0095", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:hp:200_g3:-:*:*:*:*:*:*:*", "matchCriteriaId": "D353BB07-DBD5-4F2E-ADF2-DC2B61143957", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:hp:200_g4_22_all-in-one_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "9FA17105-B074-4FCB-AE8E-678C9170147C", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:hp:200_g4_22_all-in-one:-:*:*:*:*:*:*:*", "matchCriteriaId": "D21E8CA6-8A44-4EA9-936C-2F52555890B9", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:hp:200_pro_g4_22_all-in-one_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "FA839908-F2C3-4E0B-BA55-F8B11748D170", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:hp:200_pro_g4_22_all-in-one:-:*:*:*:*:*:*:*", "matchCriteriaId": "6059F9B7-B1CA-4B6B-BB0D-067F6D47E9D4", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:hp:205_g4_22_all-in-one_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "CB3076D2-920B-4AE9-A9B0-4A32D31A5DE8", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:hp:205_g4_22_all-in-one:-:*:*:*:*:*:*:*", "matchCriteriaId": "8AF306D8-ABBF-4045-8D9F-AA16AD0C820E", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:hp:205_pro_g4_22_all-in-one_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "816EB4BC-CB1E-498B-8FF4-1BE29C24E1ED", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:hp:205_pro_g4_22_all-in-one:-:*:*:*:*:*:*:*", "matchCriteriaId": "2A9A1E4E-CA39-4869-B383-3C434617948B", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:hp:280_g3_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "3EEB9916-0DDB-477F-8D0F-3875F502C11B", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:hp:280_g3:-:*:*:*:*:*:*:*", "matchCriteriaId": "191FF108-74AD-4EE6-8785-F634A6CED90B", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:hp:280_g4_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "24675A82-C3F9-4781-93F9-79883AEEE53B", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:hp:280_g4:-:*:*:*:*:*:*:*", "matchCriteriaId": "24DD2AF3-8883-48B8-877C-F63176543203", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:hp:280_g4_microtower_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "4838645F-D633-4043-B1D6-01F6070FD080", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:hp:280_g4_microtower:-:*:*:*:*:*:*:*", "matchCriteriaId": "14AFEF3F-A93D-4042-88AA-F68F5F67C009", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:hp:280_g5_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "92D0C1E9-95E0-4DD4-ADF0-645B4384E487", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:hp:280_g5:-:*:*:*:*:*:*:*", "matchCriteriaId": "F3FADF9F-1929-47C7-B75D-8F14C45B09B5", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:hp:280_g5_small_form_factor_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "6397DB7D-5349-46AB-BB52-83B7E8EA461F", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:hp:280_g5_small_form_factor:-:*:*:*:*:*:*:*", "matchCriteriaId": "4CF85CB9-B797-4E6C-ABEF-67392DCD48B6", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:hp:280_g6_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "B7E617F9-C3BB-4D34-8181-487EEB199F8B", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:hp:280_g6:-:*:*:*:*:*:*:*", "matchCriteriaId": "579D1565-CA10-4A4E-A2E8-16004A78C89A", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:hp:280_g8_microtower_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "85F267F4-FA76-4592-9038-BB217C9EEBBC", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:hp:280_g8_microtower:-:*:*:*:*:*:*:*", "matchCriteriaId": "26A0906A-8EE8-47D1-BFDA-EC04909A3829", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:hp:280_pro_g3_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "D0925537-5738-4DDE-8F1A-F492C186002B", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:hp:280_pro_g3:-:*:*:*:*:*:*:*", "matchCriteriaId": "59B822CD-5459-4AA0-98FD-7349685EA329", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:hp:280_pro_g4_microtower_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "665B81DE-B934-4F5B-8A0A-F429AF64BBA3", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:hp:280_pro_g4_microtower:-:*:*:*:*:*:*:*", "matchCriteriaId": "9F045964-4BEA-4C71-939F-7FBC437BD7BD", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:hp:280_pro_g5_small_form_factor_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "EAAC266B-C17C-453A-8D32-C45CE044E147", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:hp:280_pro_g5_small_form_factor:-:*:*:*:*:*:*:*", "matchCriteriaId": "C140BECB-6F01-4D79-8D03-E8B8A42824AA", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:hp:282_g5_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "0D2BB8A0-FFDF-4696-9ACD-FF832C6C402F", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:hp:282_g5:-:*:*:*:*:*:*:*", "matchCriteriaId": "71218FF2-460D-49D1-812F-D8C08BF510E9", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:hp:282_g6_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "8374038D-3316-4C15-B1B9-C2F0B3537A05", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:hp:282_g6:-:*:*:*:*:*:*:*", "matchCriteriaId": "F5BA71E2-BE32-4563-AC07-BDF826B9C4D6", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:hp:282_pro_g4_microtower_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "4A82B799-EC08-484F-800F-8EB4FFB085AF", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:hp:282_pro_g4_microtower:-:*:*:*:*:*:*:*", "matchCriteriaId": "0476E463-DA4D-4F20-BEDF-B93D3ABC1B14", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:hp:288_g5_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "B3F7E602-8A96-446D-BDE6-7D7133B09EE2", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:hp:288_g5:-:*:*:*:*:*:*:*", "matchCriteriaId": "A3D7B1D8-A3D0-47B0-8A22-A3608892D03E", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:hp:288_g6_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "8939A9F6-D5B6-4265-90DE-652896D582F6", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:hp:288_g6:-:*:*:*:*:*:*:*", "matchCriteriaId": "B5E8F7C6-45F0-476F-BE22-B8D602B91627", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:hp:288_pro_g4_microtower_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "39C32033-1E8E-4FAB-A1A5-1B85AF4FA510", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:hp:288_pro_g4_microtower:-:*:*:*:*:*:*:*", "matchCriteriaId": "D9211352-0EE0-48D9-939C-9C47F3F47EC5", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:hp:290_g1_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "4CD062EA-F9AE-4619-9679-E63811DCF240", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:hp:290_g1:-:*:*:*:*:*:*:*", "matchCriteriaId": "39ADF234-B2E7-4B33-AC6E-A2442A2E959F", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:hp:290_g2_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "046E517C-A766-4064-97E0-EF92686530A0", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:hp:290_g2:-:*:*:*:*:*:*:*", "matchCriteriaId": "066B771F-9486-4B18-8856-BB75A7DC24A3", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:hp:290_g2_microtower_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "43C0AC26-6193-4DEF-AF5E-935877959923", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:hp:290_g2_microtower:-:*:*:*:*:*:*:*", "matchCriteriaId": "BA3884D2-D337-447B-8E5C-30722138B55B", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:hp:290_g3_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "929FE0E8-714C-434C-A0FC-EA921554C13C", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:hp:290_g3:-:*:*:*:*:*:*:*", "matchCriteriaId": "8CB6EBE6-94A6-4611-8DD1-5E8E23EA4197", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:hp:290_g3_small_form_factor_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "B3686518-AB17-402A-8337-5187ECD72071", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:hp:290_g3_small_form_factor:-:*:*:*:*:*:*:*", "matchCriteriaId": "A10AFFDB-EDD2-4B49-B522-AA7E95698AFD", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:hp:290_g4_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "8C9EF20C-4517-4EE2-9FE4-3DB5400F82BA", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:hp:290_g4:-:*:*:*:*:*:*:*", "matchCriteriaId": "9809B055-DCAF-4689-94F7-650BBA46143B", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:hp:desktop_pro_g1_microtower_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "B0B5A75E-F5FC-4BD6-BDF0-509BCDD74971", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:hp:desktop_pro_g1_microtower:-:*:*:*:*:*:*:*", "matchCriteriaId": "990CA33B-0C50-4A33-AEB2-E9E0FF49D8C1", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:hp:pro_small_form_factor_280_g9_desktop_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "7446D646-07DC-4AC2-8FC3-C6A5BA7FA21C", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:hp:pro_small_form_factor_280_g9_desktop:-:*:*:*:*:*:*:*", "matchCriteriaId": "ED86FB0B-00D5-46ED-BAFD-75F4F0711039", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:hp:pro_small_form_factor_290_g9_desktop_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "F4773020-D227-4209-BC02-0D61043CBD04", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:hp:pro_small_form_factor_290_g9_desktop:-:*:*:*:*:*:*:*", "matchCriteriaId": "6B609D2A-EA4A-4630-9272-C04E0D89CAEB", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:hp:pro_small_form_factor_zhan_66_g9_desktop_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "E9A57584-8D85-4E32-A91A-34AD85CFFBED", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:hp:pro_small_form_factor_zhan_66_g9_desktop:-:*:*:*:*:*:*:*", "matchCriteriaId": "E8073860-0FE3-4594-8208-185E10570979", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:hp:pro_tower_200_g9_desktop_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "108CB770-35B9-4E5E-93AC-B9CED1646118", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:hp:pro_tower_200_g9_desktop:-:*:*:*:*:*:*:*", "matchCriteriaId": "9440CDEE-F9AE-48F6-ACA9-F52B5825B4D6", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:hp:pro_tower_280_g9_desktop_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "1E903A0B-606F-4838-A737-7F89642F5B15", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:hp:pro_tower_280_g9_desktop:-:*:*:*:*:*:*:*", "matchCriteriaId": "73443124-D7EA-4125-8B45-774D0DDD8896", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:hp:pro_tower_290_g9_desktop_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "68754120-1B3F-49A1-B9C0-A7050F325A2D", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:hp:pro_tower_290_g9_desktop:-:*:*:*:*:*:*:*", "matchCriteriaId": "EBBDA484-C171-4E0A-9DA6-FD0AC3926E1C", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:hp:pro_tower_zhan_99_g9_desktop_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "626D4144-4573-4BC7-A90F-7F2F382E8BE1", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:hp:pro_tower_zhan_99_g9_desktop:-:*:*:*:*:*:*:*", "matchCriteriaId": "FD535049-4136-4209-BA00-129DD221D2D9", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:hp:proone_240_g10_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "3536C31F-3ACA-406C-A71B-3C52E7309859", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:hp:proone_240_g10:-:*:*:*:*:*:*:*", "matchCriteriaId": "DE346033-6077-4DB4-9D33-67F3B8740846", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:hp:proone_240_g9_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "B307ECF9-2602-418F-B2B0-DEE5B2430A82", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:hp:proone_240_g9:-:*:*:*:*:*:*:*", "matchCriteriaId": "D716B903-6C32-4CA6-ACF9-97C2009545CB", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:hp:proone_440_g3_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "A1966769-CC94-4A17-8CF2-53CCAA70EDA0", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:hp:proone_440_g3:-:*:*:*:*:*:*:*", "matchCriteriaId": "AD6B59D9-BC7D-462D-82CF-ACB37611A014", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:hp:proone_490_g3_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "1318D35C-1B13-4CFE-910F-EDA69D9DC723", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:hp:proone_490_g3:-:*:*:*:*:*:*:*", "matchCriteriaId": "40AFDED7-7EBB-4B16-9AFB-6D692ECCC504", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:hp:proone_496_g3_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "41600C3D-012D-4100-88A4-009DE4CD981C", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:hp:proone_496_g3:-:*:*:*:*:*:*:*", "matchCriteriaId": "D0B70E73-B2D6-46A6-B4EA-1F2673A9F20C", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:hp:z_vr_backpack_g1_workstation_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "402FA585-D7C8-4F5C-BECC-1AD9A988DA9B", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:hp:z_vr_backpack_g1_workstation:-:*:*:*:*:*:*:*", "matchCriteriaId": "97110C07-D287-47A7-B1E3-9E3A1BDF9E9A", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:hp:zhan_86_pro_g2_microtower_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "7796F3E3-652D-4A67-A01B-B2923207D29D", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:hp:zhan_86_pro_g2_microtower:-:*:*:*:*:*:*:*", "matchCriteriaId": "66525D0D-D460-4822-9B94-CE2088E621C4", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:hp:zhan_99_pro_g1_microtower_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "C15BE4ED-7432-4932-A39C-03CC659F0B5B", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:hp:zhan_99_pro_g1_microtower:-:*:*:*:*:*:*:*", "matchCriteriaId": "F481B7BE-667B-46CB-BEC5-BE033917C068", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}], "descriptions": [{"lang": "en", "value": "A potential Time-of-Check to Time-of-Use (TOCTOU) vulnerability has been identified in certain HP PC products using AMI UEFI Firmware (system BIOS), which might allow arbitrary code execution. AMI has released updates to mitigate the potential vulnerability."}], "id": "CVE-2023-26299", "lastModified": "2023-07-10T18:53:00.020", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "HIGH", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.0, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 1.0, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2023-06-30T16:15:09.543", "references": [{"source": "hp-security-alert@hp.com", "tags": ["Patch", "Vendor Advisory"], "url": "https://support.hp.com/us-en/document/ish_8642715-8642746-16/hpsbhf03850"}], "sourceIdentifier": "hp-security-alert@hp.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-367"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{}