CVE & CISA-KEV Catalog

CVE-2023-26300

HIGH
7.8
CVSS v3
NVD

Description

A potential security vulnerability has been identified in the system BIOS for certain HP PC products which might allow escalation of privilege. HP is releasing firmware updates to mitigate the potential vulnerability.

How to fix

Remediation Available
200 g4 22 all-in-one pc \(rom family ssid 86f0\) firmwareNVD
Affected:< f.50Fixed in:f.50CVE-2023-26300derived from NVD
200 g4 22 all-in-one pc \(rom family ssid 86f2\) firmwareNVD
Affected:< f.50Fixed in:f.50CVE-2023-26300derived from NVD
200 g4 22 all-in-one pc \(rom family ssid 86f3\) firmwareNVD
Affected:< f.50Fixed in:f.50CVE-2023-26300derived from NVD
200 pro g4 22 all-in-one pc \(rom family ssid 86f0\) firmwareNVD
Affected:< f.50Fixed in:f.50CVE-2023-26300derived from NVD
200 pro g4 22 all-in-one pc \(rom family ssid 86f2\) firmwareNVD
Affected:< f.50Fixed in:f.50CVE-2023-26300derived from NVD
200 pro g4 22 all-in-one pc \(rom family ssid 86f3\) firmwareNVD
Affected:< f.50Fixed in:f.50CVE-2023-26300derived from NVD
205 g4 22 all-in-one pc \(rom family ssid 86f0\) firmwareNVD
Affected:< f.50Fixed in:f.50CVE-2023-26300derived from NVD
205 g4 22 all-in-one pc \(rom family ssid 86f2\) firmwareNVD
Affected:< f.50Fixed in:f.50CVE-2023-26300derived from NVD
205 g4 22 all-in-one pc \(rom family ssid 86f3\) firmwareNVD
Affected:< f.50Fixed in:f.50CVE-2023-26300derived from NVD
205 g8 24 all-in-one pc \(rom family ssid 8923\) firmwareNVD
Affected:< f.20Fixed in:f.20CVE-2023-26300derived from NVD
205 g8 24 all-in-one pc \(rom family ssid 8924\) firmwareNVD
Affected:< f.20Fixed in:f.20CVE-2023-26300derived from NVD
205 pro g4 22 all-in-one pc \(rom family ssid 86f0\) firmwareNVD
Affected:< f.50Fixed in:f.50CVE-2023-26300derived from NVD
205 pro g4 22 all-in-one pc \(rom family ssid 86f2\) firmwareNVD
Affected:< f.50Fixed in:f.50CVE-2023-26300derived from NVD
205 pro g4 22 all-in-one pc \(rom family ssid 86f3\) firmwareNVD
Affected:< f.50Fixed in:f.50CVE-2023-26300derived from NVD
205 pro g8 24 all-in-one pc \(rom family ssid 8923\) firmwareNVD
Affected:< f.20Fixed in:f.20CVE-2023-26300derived from NVD
205 pro g8 24 all-in-one pc \(rom family ssid 8924\) firmwareNVD
Affected:< f.20Fixed in:f.20CVE-2023-26300derived from NVD
240 g10 firmwareNVD
Affected:< f.05Fixed in:f.05CVE-2023-26300derived from NVD
240 g6 firmwareNVD
Affected:< f.55Fixed in:f.55CVE-2023-26300derived from NVD
240 g7 firmwareNVD
Affected:< f.75Fixed in:f.75CVE-2023-26300derived from NVD
240 g9 firmwareNVD
Affected:< f.06Fixed in:f.06CVE-2023-26300derived from NVD
245 firmwareNVD
Affected:< f.11Fixed in:f.11CVE-2023-26300derived from NVD
245 g10 firmwareNVD
Affected:< f.06Fixed in:f.06CVE-2023-26300derived from NVD
245 g7 firmwareNVD
Affected:< f.70Fixed in:f.70CVE-2023-26300derived from NVD
245 g8 firmwareNVD
Affected:< f.26Fixed in:f.26CVE-2023-26300derived from NVD
245 g9 firmwareNVD
Affected:< f.11Fixed in:f.11CVE-2023-26300derived from NVD
246 g6 firmwareNVD
Affected:< f.55Fixed in:f.55CVE-2023-26300derived from NVD
246 g7 firmwareNVD
Affected:< f.75Fixed in:f.75CVE-2023-26300derived from NVD
247 g8 firmwareNVD
Affected:< f.70Fixed in:f.70CVE-2023-26300derived from NVD
250 g10 firmwareNVD
Affected:< f.06Fixed in:f.06CVE-2023-26300derived from NVD
250 g6 firmwareNVD
Affected:< f.73Fixed in:f.73CVE-2023-26300derived from NVD
250 g7 firmwareNVD
Affected:< f.46Fixed in:f.46CVE-2023-26300derived from NVD
250 g9 firmwareNVD
Affected:< f.63Fixed in:f.63CVE-2023-26300derived from NVD
255 g10 firmwareNVD
Affected:< f.09Fixed in:f.09CVE-2023-26300derived from NVD
255 g6 firmwareNVD
Affected:< f.56Fixed in:f.56CVE-2023-26300derived from NVD
255 g7 firmwareNVD
Affected:< f.41Fixed in:f.41CVE-2023-26300derived from NVD
255 g8 \(rom family ssid 87d1\) firmwareNVD
Affected:< f.37Fixed in:f.37CVE-2023-26300derived from NVD
255 g8 \(rom family ssid 8905\) firmwareNVD
Affected:< f.37Fixed in:f.37CVE-2023-26300derived from NVD
255 g8 \(rom family ssid 890e\) firmwareNVD
Affected:< f.37Fixed in:f.37CVE-2023-26300derived from NVD
255 g8 firmwareNVD
Affected:< f.37Fixed in:f.37CVE-2023-26300derived from NVD
255 g9 firmwareNVD
Affected:< f.12Fixed in:f.12CVE-2023-26300derived from NVD
256 g6 firmwareNVD
Affected:< f.73Fixed in:f.73CVE-2023-26300derived from NVD
256 g7 firmwareNVD
Affected:< f.46Fixed in:f.46CVE-2023-26300derived from NVD
258 g6 firmwareNVD
Affected:< f.73Fixed in:f.73CVE-2023-26300derived from NVD
258 g7 firmwareNVD
Affected:< f.46Fixed in:f.46CVE-2023-26300derived from NVD
285 g6 microtower \(rom family ssid 871e\) firmwareNVD
Affected:< f.26Fixed in:f.26CVE-2023-26300derived from NVD
285 g8 microtower \(rom family ssid 870e\) firmwareNVD
Affected:< f.30Fixed in:f.30CVE-2023-26300derived from NVD
285 pro g6 microtower \(rom family ssid 871e\) firmwareNVD
Affected:< f.26Fixed in:f.26CVE-2023-26300derived from NVD
285 pro g8 microtower \(rom family ssid 870e\) firmwareNVD
Affected:< f.30Fixed in:f.30CVE-2023-26300derived from NVD
295 g8 microtower \(rom family ssid 870e\) firmwareNVD
Affected:< f.30Fixed in:f.30CVE-2023-26300derived from NVD
340 g7 firmwareNVD
Affected:< f.39Fixed in:f.39CVE-2023-26300derived from NVD
348 g7 firmwareNVD
Affected:< f.39Fixed in:f.39CVE-2023-26300derived from NVD
470 g10 firmwareNVD
Affected:< f.03Fixed in:f.03CVE-2023-26300derived from NVD
470 g7 firmwareNVD
Affected:< f.70Fixed in:f.70CVE-2023-26300derived from NVD
470 g9 firmwareNVD
Affected:< f.06Fixed in:f.06CVE-2023-26300derived from NVD
desktop pro a 300 g3 firmwareNVD
Affected:< f.13Fixed in:f.13CVE-2023-26300derived from NVD
desktop pro a g3 firmwareNVD
Affected:< f.13Fixed in:f.13CVE-2023-26300derived from NVD
desktop pro a g3 microtower firmwareNVD
Affected:< f.13Fixed in:f.13CVE-2023-26300derived from NVD
pro sff 280 g9 desktop \(rom family ssid 89b4\) firmwareNVD
Affected:< f.22Fixed in:f.22CVE-2023-26300derived from NVD
pro sff 280 g9 desktop \(rom family ssid 8bc3\) firmwareNVD
Affected:< f.12Fixed in:f.12CVE-2023-26300derived from NVD
pro sff 290 g9 desktop \(rom family ssid 89b4\) firmwareNVD
Affected:< f.22Fixed in:f.22CVE-2023-26300derived from NVD
pro sff 290 g9 desktop \(rom family ssid 8bc3\) firmwareNVD
Affected:< f.12Fixed in:f.12CVE-2023-26300derived from NVD
pro sff zhan 66 g9 desktop \(rom family ssid 89b4\) firmwareNVD
Affected:< f.22Fixed in:f.22CVE-2023-26300derived from NVD
pro sff zhan 66 g9 desktop \(rom family ssid 8bc3\) firmwareNVD
Affected:< f.12Fixed in:f.12CVE-2023-26300derived from NVD
pro tower 200 g9 desktop \(rom family ssid 89b3\) firmwareNVD
Affected:< f.22Fixed in:f.22CVE-2023-26300derived from NVD
pro tower 200 g9 desktop \(rom family ssid 89b4\) firmwareNVD
Affected:< f.22Fixed in:f.22CVE-2023-26300derived from NVD
pro tower 200 g9 desktop \(rom family ssid 8bc3\) firmwareNVD
Affected:< f.12Fixed in:f.12CVE-2023-26300derived from NVD
pro tower 280 g9 desktop \(rom family ssid 89b3\) firmwareNVD
Affected:< f.22Fixed in:f.22CVE-2023-26300derived from NVD
pro tower 280 g9 desktop \(rom family ssid 89b4\) firmwareNVD
Affected:< f.22Fixed in:f.22CVE-2023-26300derived from NVD
pro tower 290 g9 desktop \(rom family ssid 89b3\) firmwareNVD
Affected:< f.22Fixed in:f.22CVE-2023-26300derived from NVD
pro tower 290 g9 desktop \(rom family ssid 89b4\) firmwareNVD
Affected:< f.22Fixed in:f.22CVE-2023-26300derived from NVD
pro tower 290 g9 desktop \(rom family ssid 8bc3\) firmwareNVD
Affected:< f.12Fixed in:f.12CVE-2023-26300derived from NVD
pro tower zhan 99 g9 desktop \(rom family ssid 89b3\) firmwareNVD
Affected:< f.22Fixed in:f.22CVE-2023-26300derived from NVD
pro tower zhan 99 g9 desktop \(rom family ssid 89b4\) firmwareNVD
Affected:< f.22Fixed in:f.22CVE-2023-26300derived from NVD
pro tower zhan 99 g9 desktop \(rom family ssid 8b3c\) firmwareNVD
Affected:< f.12Fixed in:f.12CVE-2023-26300derived from NVD
proone 240 g10 \(rom family ssid 8b4c\) firmwareNVD
Affected:< f.05Fixed in:f.05CVE-2023-26300derived from NVD
proone 240 g10 \(rom family ssid 8b4d\) firmwareNVD
Affected:< f.10Fixed in:f.10CVE-2023-26300derived from NVD
proone 240 g9 \(rom family ssid 89eb\) firmwareNVD
Affected:< f.20Fixed in:f.20CVE-2023-26300derived from NVD
stream 11 pro g4 firmwareNVD
Affected:< f.30Fixed in:f.30CVE-2023-26300derived from NVD
stream 11 pro g5 firmwareNVD
Affected:< f.18Fixed in:f.18CVE-2023-26300derived from NVD
t638 thin client firmwareNVD
Affected:< 00.01.13Fixed in:00.01.13CVE-2023-26300derived from NVD
vr backpack g2 \(rom family ssid 8590\) firmwareNVD
Affected:< f.29Fixed in:f.29CVE-2023-26300derived from NVD
zbook 15 g5 mobile workstation firmwareNVD
Affected:< f.37Fixed in:f.37CVE-2023-26300derived from NVD
zhan 66 pro a g10 \(rom family ssid 8b4e\) firmwareNVD
Affected:< f.05Fixed in:f.05CVE-2023-26300derived from NVD
zhan 66 pro a g1 r microtower firmwareNVD
Affected:< f.13Fixed in:f.13CVE-2023-26300derived from NVD
zhan 66 pro a g4 all-in-one pc \(rom family ssid 8923\) firmwareNVD
Affected:< f.20Fixed in:f.20CVE-2023-26300derived from NVD
zhan 66 pro a g4 all-in-one pc \(rom family ssid 8924\) firmwareNVD
Affected:< f.20Fixed in:f.20CVE-2023-26300derived from NVD
zhan 99 g3 mobile workstation firmwareNVD
Affected:< f.19Fixed in:f.19CVE-2023-26300derived from NVD
zhan 99 g4 mobile workstation firmwareNVD
Affected:< f.09Fixed in:f.09CVE-2023-26300derived from NVD
zhan 99 pro a g2 microtower \(rom family ssid 871e\) firmwareNVD
Affected:< f.20Fixed in:f.20CVE-2023-26300derived from NVD

Remediation is compiled from vendor and distribution security advisories. Always confirm against the linked source for your exact version and platform.

CVSS v3 Vector

Exploitability

Attack VectorLocal
Attack ComplexityLow
Privileges RequiredLow
User InteractionNone
ScopeUnchanged

Impact

ConfidentialityHigh
IntegrityHigh
AvailabilityHigh

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Exploit Intelligence

0.18%probability of exploitation in 30 days
8thpercentile

Low risk: more likely to be exploited than 8% of all known CVEs.

References

Embed a live status badge for CVE-2023-26300
CVE-2023-26300 severity badge

Markdown

[![CVE-2023-26300](https://tridentstack.com/cve/badge/CVE-2023-26300.svg)](https://tridentstack.com/cve/CVE-2023-26300)

HTML

<a href="https://tridentstack.com/cve/CVE-2023-26300"><img src="https://tridentstack.com/cve/badge/CVE-2023-26300.svg" alt="CVE-2023-26300"></a>

Find and fix vulnerabilities across your fleet

TridentStack Control continuously scans your Windows, macOS, and Linux fleet for known vulnerabilities, prioritizes them by severity and active exploitation, and patches them automatically.

Start free

This product uses NVD data but is not endorsed or certified by the NVD. EPSS scores courtesy of FIRST.org (https://www.first.org/epss). Source: CISA KEV Catalog. Data as of 2024-11-21.