CVE-2024-5477
BaseFortify
Publication date: 2025-08-13
Last updated on: 2025-08-14
Assigner: HP Inc.
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| hp | system_bios | * |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-1256 | The product provides software-controllable device functionality for capabilities such as power and clock management, but it does not properly limit functionality that can lead to modification of hardware memory or register bits, or the ability to observe physical side channels. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability is in the System BIOS of some HP PC products and may allow an attacker with physical access and specialized equipment and knowledge to escalate privileges, execute arbitrary code, cause denial of service, or disclose information.
How can this vulnerability impact me? :
If exploited, this vulnerability could allow an attacker to gain higher privileges on the system, run unauthorized code, disrupt system availability, or access sensitive information, potentially compromising the security and functionality of affected HP PCs.
What immediate steps should I take to mitigate this vulnerability?
Apply the firmware mitigation released by HP for the affected System BIOS on your HP PC products to address the vulnerability.