Input validation error in HP Development Company products - CVE-2022-23955
Published: March 4, 2022
Vulnerability identifier: #VU61028
CSH Severity: Low
CVSS v4.0: CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear
CVE-ID: CVE-2022-23955
CWE-ID: CWE-20
Exploitation vector: Local access
Exploit availability:
No public exploit available
Vendor: HP Development Company
Affected software:
HP ProBook 440 G8 Notebook PC
HP ProDesk 405 G6 Small Form Factor PC
PC BIOS
HP ProBook 440 G8 Notebook PC
HP ProDesk 405 G6 Small Form Factor PC
PC BIOS
Detailed vulnerability description
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to insufficient validation of user-supplied input. A local administrator can perform a denial of service (DoS) attack.
How to mitigate CVE-2022-23955
Install updates from vendor's website.