CVE-2023-6215
BaseFortify
Publication date: 2025-10-07
Last updated on: 2025-10-08
Assigner: HP Inc.
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| hp | sure_start | * |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-306 | The product does not perform any authentication for functionality that requires a provable user identity or consumes a significant amount of resources. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability involves a potential security weakness in HP Sure Start's protection of the Intel Flash Descriptor on certain HP PC products. It might allow attackers to bypass security measures, execute arbitrary code, or cause loss of integrity or confidentiality, or even denial of service. HP is addressing this issue by releasing BIOS updates.
How can this vulnerability impact me? :
The vulnerability can impact you by allowing attackers to bypass security protections, execute arbitrary code on your device, compromise the integrity or confidentiality of your system, or cause denial of service, potentially leading to system instability or unauthorized access.
What immediate steps should I take to mitigate this vulnerability?
Apply the BIOS updates released by HP for affected HP PC products to mitigate the potential vulnerability in HP Sure Start's protection of the Intel Flash Descriptor.