Vulnerability in Hp Inc. Factory Preinstalled Windows 10 20h2 Images
CVE-2022-38396
HP Factory Preinstalled Images on certain systems that shipped with Windows 10 versions 20H2 and earlier OS versions might allow escalation of privilege via execution of certain files outside the restricted path. This potential vulnerabili…
EPSS: 0.004 (32.5th percentile) — read the EPSS interpretation.
CVSS v3 metric
CVSS v3 base score 7.8 (High). Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H.
Affected products
- Hp Inc. Factory Preinstalled Windows 10 20h2 Images — versions See HP Security Bulletin reference for affected versions.
- Microsoft Windows_10_1507
- Microsoft Windows_10_1511
- Microsoft Windows_10_1607
- Microsoft Windows_10_1703
- Microsoft Windows_10_1709
- Microsoft Windows_10_1803
- Microsoft Windows_10_1809
- Microsoft Windows_10_1909
- Microsoft Windows_10_2004
References
- hp-security-alert@hp.com (Vendor Advisory)
Frequently asked questions
- What is CVE-2022-38396?
- CVE-2022-38396 is a high-severity vulnerability in Hp Inc. Factory Preinstalled Windows 10 20h2 Images. CVSS score: 7.8/10. Published 2023-02-12.
- How severe is CVE-2022-38396?
- High severity. CVSS v3 base score is 7.8 out of 10.