What is CVE-2022-37019?

CVE-2022-37019 is a medium-severity vulnerability in Hp Elitebook_1040_g3, classified under Improper Privilege Management. CVSS score: 6.8/10. Published 2024-06-10.

How severe is CVE-2022-37019?

Medium severity. CVSS v3 base score is 6.8 out of 10.

Privilege escalation in Hp Elitebook_1040_g3

CVE-2022-37019

Potential vulnerabilities have been identified in the system BIOS for certain HP PC products which may allow escalation of privileges and code execution. HP is releasing firmware updates to mitigate the potential vulnerabilities.

Vulnerability class: Privilege Escalation

EPSS: 0.002 (6.4th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 6.8 (Medium). Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:L.

Affected products

Hp Elitebook_1040_g3
Hp Elitebook_1040_g3_firmware
Hp Elitebook_820_g3
Hp Elitebook_820_g3_firmware
Hp Elitebook_828_g3
Hp Elitebook_828_g3_firmware
Hp Elitebook_840_g3
Hp Elitebook_840_g3_firmware
Hp Elitebook_848_g3
Hp Elitebook_848_g3_firmware

Weakness classification (CWE)

CWE-269 — Improper Privilege Management

References

hp-security-alert@hp.com (Vendor Advisory)

Frequently asked questions

What is CVE-2022-37019?: CVE-2022-37019 is a medium-severity vulnerability in Hp Elitebook_1040_g3, classified under Improper Privilege Management. CVSS score: 6.8/10. Published 2024-06-10.
How severe is CVE-2022-37019?: Medium severity. CVSS v3 base score is 6.8 out of 10.