Input validation error in HP Development Company products - CVE-2022-23958
Published: March 4, 2022
Vulnerability identifier: #VU61026
CSH Severity: Low
CVSS v4.0: CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear
CVE-ID: CVE-2022-23958
CWE-ID: CWE-20
Exploitation vector: Local access
Exploit availability:
No public exploit available
Vendor: HP Development Company
Affected software:
HP ProBook 440 G8 Notebook PC
HP ProDesk 405 G6 Small Form Factor PC
PC BIOS
HP ProBook 440 G8 Notebook PC
HP ProDesk 405 G6 Small Form Factor PC
PC BIOS
Detailed vulnerability description
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to insufficient validation of user-supplied input. A local administrator can perform a denial of service (DoS) attack.
How to mitigate CVE-2022-23958
Install updates from vendor's website.