CVE-2023-6138

HIGH

HP Z440/Z640/Z840 Workstation Firmware < 2.62 - Privilege Escalation, Arbitrary Code Execution, or Denial of Service

Title source: llm

Description

A potential security vulnerability has been identified in the system BIOS for certain HP Workstation PCs, which might allow escalation of privilege, arbitrary code execution, or denial of service. HP is releasing mitigation for the potential vulnerability.

Scores

CVSS v3 7.9
EPSS 0.0016
EPSS Percentile 36.7%
Attack Vector LOCAL
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:H/A:H

CISA SSVC

Vulnrichment
Exploitation none
Automatable no
Technical Impact partial

Details

Status published
Products (3)
hp/z440_workstation_firmware < 2.62
hp/z640_workstation_firmware < 2.62
hp/z840_workstation_firmware < 2.62
Published Feb 14, 2024
Tracked Since Feb 18, 2026