CVE-2022-33985 — Vulnetix

Try Vulnetix Request Demo

CVE-2022-33985 PUBLISHED

In der Insyde UEFI Firmware existieren mehrere "Time-of-Check to Time-of-Use (TOCTOU)" Schwachstellen. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Informationen offenzulegen oder einen Denial of Service zu verursachen.

EPSS 0.04% · 11.4th percentile

Risk Scores

EPSS Score

0.04%

11.4th percentile

Affected Products

Vendor	Product	Versions
HP	HP Computer
Insyde	Insyde UEFI Firmware

Timeline

Nov 14, 2022 CVE Published
Nov 15, 2022 EPSS Score
Dec 27, 2022 EPSS Score
Feb 7, 2023 EPSS Score
Mar 7, 2023 EPSS Score
Mar 22, 2023 EPSS Score
May 3, 2023 EPSS Score
Jun 14, 2023 EPSS Score
Jul 26, 2023 EPSS Score
Sep 7, 2023 EPSS Score
Oct 19, 2023 EPSS Score
Nov 30, 2023 EPSS Score

References

Open in Interactive Console →