{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2024-4143", "assignerOrgId": "74586083-13ce-40fd-b46a-8e5d23cfbcb2", "state": "PUBLISHED", "assignerShortName": "hp", "dateReserved": "2024-04-24T19:44:43.576Z", "datePublished": "2024-07-15T21:46:41.838Z", "dateUpdated": "2024-08-01T20:33:52.408Z"}, "containers": {"cna": {"title": "Certain HP PC products using AMI BIOS \u2013 Buffer Overflow", "descriptions": [{"lang": "en", "value": "A potential security vulnerability has been identified in certain HP PC products using AMI BIOS, which might allow arbitrary code execution. AMI has released firmware updates to mitigate this vulnerability."}], "affected": [{"vendor": "HP Inc.", "product": "Certain HP PC Products", "defaultStatus": "affected", "versions": [{"version": "See HP security bulletin reference for affected versions", "status": "affected"}]}], "references": [{"url": "https://support.hp.com/us-en/document/ish_10914391-10914417-16/hpsbhf03953"}], "providerMetadata": {"orgId": "74586083-13ce-40fd-b46a-8e5d23cfbcb2", "shortName": "hp", "dateUpdated": "2024-07-15T21:46:41.838Z"}, "x_generator": {"engine": "cveClient/1.0.15"}}, "adp": [{"problemTypes": [{"descriptions": [{"type": "CWE", "cweId": "CWE-120", "lang": "en", "description": "CWE-120 Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')"}]}], "affected": [{"vendor": "hp", "product": "ami_bios", "cpes": ["cpe:2.3:o:hp:ami_bios:*:*:*:*:*:*:*:*"], "defaultStatus": "unknown", "versions": [{"version": "0", "status": "unknown", "lessThan": "*", "versionType": "custom"}]}], "metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 9.8, "attackVector": "NETWORK", "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}}, {"other": {"type": "ssvc", "content": {"timestamp": "2024-07-16T15:14:35.163254Z", "id": "CVE-2024-4143", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-07-30T16:25:43.374Z"}}, {"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-01T20:33:52.408Z"}, "title": "CVE Program Container", "references": [{"url": "https://support.hp.com/us-en/document/ish_10914391-10914417-16/hpsbhf03953", "tags": ["x_transferred"]}]}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CVE Program Container", "references": [{"url": "https://support.hp.com/us-en/document/ish_10914391-10914417-16/hpsbhf03953", "tags": ["x_transferred"]}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-01T20:33:52.408Z"}}, {"title": "CISA ADP Vulnrichment", "metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 9.8, "attackVector": "NETWORK", "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}}, {"other": {"type": "ssvc", "content": {"id": "CVE-2024-4143", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "version": "2.0.3", "timestamp": "2024-07-16T15:14:35.163254Z"}}}], "affected": [{"cpes": ["cpe:2.3:o:hp:ami_bios:*:*:*:*:*:*:*:*"], "vendor": "hp", "product": "ami_bios", "versions": [{"status": "unknown", "version": "0", "lessThan": "*", "versionType": "custom"}], "defaultStatus": "unknown"}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-120", "description": "CWE-120 Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')"}]}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-07-16T16:01:16.008Z"}}], "cna": {"title": "Certain HP PC products using AMI BIOS \u2013 Buffer Overflow", "affected": [{"vendor": "HP Inc.", "product": "Certain HP PC Products", "versions": [{"status": "affected", "version": "See HP security bulletin reference for affected versions"}], "defaultStatus": "affected"}], "references": [{"url": "https://support.hp.com/us-en/document/ish_10914391-10914417-16/hpsbhf03953"}], "x_generator": {"engine": "cveClient/1.0.15"}, "descriptions": [{"lang": "en", "value": "A potential security vulnerability has been identified in certain HP PC products using AMI BIOS, which might allow arbitrary code execution. AMI has released firmware updates to mitigate this vulnerability."}], "providerMetadata": {"orgId": "74586083-13ce-40fd-b46a-8e5d23cfbcb2", "shortName": "hp", "dateUpdated": "2024-07-15T21:46:41.838Z"}}}, "cveMetadata": {"cveId": "CVE-2024-4143", "state": "PUBLISHED", "dateUpdated": "2024-08-01T20:33:52.408Z", "dateReserved": "2024-04-24T19:44:43.576Z", "assignerOrgId": "74586083-13ce-40fd-b46a-8e5d23cfbcb2", "datePublished": "2024-07-15T21:46:41.838Z", "assignerShortName": "hp"}, "dataVersion": "5.1"}

{"descriptions": [{"lang": "en", "value": "A potential security vulnerability has been identified in certain HP PC products using AMI BIOS, which might allow arbitrary code execution. AMI has released firmware updates to mitigate this vulnerability."}, {"lang": "es", "value": "Se ha identificado una posible vulnerabilidad de seguridad en ciertos productos de PC HP que utilizan AMI BIOS, lo que podr\u00eda permitir la ejecuci\u00f3n de c\u00f3digo arbitrario. AMI ha lanzado actualizaciones de firmware para mitigar esta vulnerabilidad."}], "id": "CVE-2024-4143", "lastModified": "2024-11-21T09:42:16.163", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 5.9, "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary"}]}, "published": "2024-07-15T22:15:03.223", "references": [{"source": "hp-security-alert@hp.com", "url": "https://support.hp.com/us-en/document/ish_10914391-10914417-16/hpsbhf03953"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://support.hp.com/us-en/document/ish_10914391-10914417-16/hpsbhf03953"}], "sourceIdentifier": "hp-security-alert@hp.com", "vulnStatus": "Awaiting Analysis", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-120"}], "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary"}]}

{}