What is CVE-2022-31640?

CVE-2022-31640 is a high-severity vulnerability in Hp Elitebook_1040_g4, classified under Time-of-check Time-of-use (TOCTOU) Race Condition. CVSS score: 7.0/10. Published 2023-06-14.

How severe is CVE-2022-31640?

High severity. CVSS v3 base score is 7.0 out of 10.

Vulnerability in Hp Elitebook_1040_g4

CVE-2022-31640

Potential vulnerabilities have been identified in the system BIOS of certain HP PC products, which might allow arbitrary code execution, escalation of privilege, denial of service, and information disclosure.

Vulnerability class: TOCTOU (Time-of-Check to Time-of-Use)

EPSS: 0.002 (6.5th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 7.0 (High). Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H.

Affected products

Hp Elitebook_1040_g4
Hp Elitebook_1040_g4_firmware
Hp Elitebook_1040_g9
Hp Elitebook_1040_g9_firmware
Hp Elitebook_1050_g1
Hp Elitebook_1050_g1_firmware
Hp Elitebook_630_g9
Hp Elitebook_630_g9_firmware
Hp Elitebook_640_g9
Hp Elitebook_640_g9_firmware

Weakness classification (CWE)

CWE-367 — Time-of-check Time-of-use (TOCTOU) Race Condition

References

hp-security-alert@hp.com (Vendor Advisory)

Frequently asked questions

What is CVE-2022-31640?: CVE-2022-31640 is a high-severity vulnerability in Hp Elitebook_1040_g4, classified under Time-of-check Time-of-use (TOCTOU) Race Condition. CVSS score: 7.0/10. Published 2023-06-14.
How severe is CVE-2022-31640?: High severity. CVSS v3 base score is 7.0 out of 10.