Primary

Context

HP Sure Start Intel Flash Descriptor Protection Vulnerability Allowing Security Bypass and Arbitrary Code Execution

Vulnerability

A vulnerability in HP Sure Start's protection of the Intel Flash Descriptor has been identified in certain HP PC products. This vulnerability could lead to security bypass, arbitrary code execution, unauthorized access to information, or denial of service. HP is releasing BIOS updates to address this vulnerability.

Impact

Exploitation of this vulnerability could result in a security bypass, allowing unauthorized actions or access, and could enable arbitrary code execution on the affected system.

Remediation

HP is releasing BIOS updates to mitigate this vulnerability. Users should check the HP Customer Support - Software and Driver Downloads site for the latest updates for their product model.

Added: Oct 7, 2025, 3:24 PM

Updated: Oct 7, 2025, 6:58 PM

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

7.5

exploitability

3.3

remediation

0.0

relevance

0.7

threat

0.0

urgency

2.9

incentive

0.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

7.5

exploitability

3.3

remediation

0.0

relevance

0.7

threat

0.0

urgency

2.9

incentive

0.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

HP Sure Start Intel Flash Descriptor Protection Vulnerability Allowing Security Bypass and Arbitrary Code Execution

Vulnerability

Impact

Remediation

Affected Products

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating