February 23, 2023
HP Patches 4 TOCTOU Vulnerabilities in PC’s BIOS.
HP recently discovered potential Time-of-Check to Time-of Use (TOCTOU) vulnerabilities in their PC’s BIOS.
CVE-2022-27539, CVE-2022-27541, CVE-2022-43777, CVE-2022-43778 (CVSS:3.1 score: 7.8, High) – A threat actor may carry out remote code execution (RCE), denial of service (DoS), and information disclosure operations.
- Business Notebook PCs.
- Business Desktop PCs.
- Retail Point-of-Sale systems.
CYREBRO recommends those who use affected products to update their products.
References: HP Advisoty