Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2022-38396

HP Factory Preinstalled Images on certain systems that shipped with Windows 10 versions 20H2 and earlier OS versions might allow escalation of privilege via execution of certain files outside the restricted path. This potential vulnerability was remediated starting with Windows 10 versions 21H2 on October 31, 2021.

Published

2023-02-12T04:15:14.910

Last Modified

2025-03-25T21:15:37.403

Status

Modified

Source

[email protected]

Severity

CVSSv3.1: 7.8 (HIGH)

Weaknesses

Type: Primary
NVD-CWE-noinfo

Affected Vendors & Products

Type	Vendor	Product	Version/Range	Vulnerable?
Operating System	microsoft	windows_10_1507	-	Yes
Operating System	microsoft	windows_10_1511	-	Yes
Operating System	microsoft	windows_10_1607	-	Yes
Operating System	microsoft	windows_10_1703	-	Yes
Operating System	microsoft	windows_10_1709	-	Yes
Operating System	microsoft	windows_10_1803	-	Yes
Operating System	microsoft	windows_10_1809	-	Yes
Operating System	microsoft	windows_10_1909	-	Yes
Operating System	microsoft	windows_10_2004	-	Yes
Operating System	microsoft	windows_10_20h2	-	Yes

References

https://support.hp.com/ie-en/document/ish_7620368-7620413-16 Vendor Advisory ([email protected])
https://support.hp.com/ie-en/document/ish_7620368-7620413-16 Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)