CVE-2016-2243

Summary

CVE	CVE-2016-2243
State	PUBLISHED
Assigner	hp
Source Priority	CVE Program / NVD first with legacy fallback
Published	2016-03-04 15:59:00 UTC
Updated	2026-05-06 22:30:45 UTC
Description	Sure Start on HP Commercial PCs 2015 allows local users to cause a denial of service (BIOS recovery failure) by leveraging administrative access.

Risk And Classification

Primary CVSS: v3.0 7.9 HIGH from [email protected]

CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:H/A:H

Problem Types: CWE-284 | n/a

Version	Source	Type	Score	Severity	Vector
3.0	[email protected]	Primary	7.9	HIGH	`CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:H/A:H`
2.0	[email protected]	Primary	5.4		`AV:L/AC:M/Au:N/C:N/I:P/A:C`

CVSS v3.0 Breakdown

Attack Vector

Local

Attack Complexity

Low

Privileges Required

High

User Interaction

None

Scope

Changed

Confidentiality

None

Integrity

High

Availability

High

CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:H/A:H

CVSS v2.0 Breakdown

Access Vector

Local

Access Complexity

Medium

Authentication

None

Confidentiality

None

Integrity

Partial

Availability

Complete

AV:L/AC:M/Au:N/C:N/I:P/A:C

NVD Known Affected Configurations (CPE 2.3)

Type	Vendor	Product	Version	Update	Edition	Language
Operating System	Hp	1000 Series Firmware	1.01	All	All	All
Operating System	Hp	1000 Series Firmware	1.04	All	All	All
Operating System	Hp	1000 Series Firmware	1.1	All	All	All
Operating System	Hp	700 Series Firmware	1.05	All	All	All
Operating System	Hp	700 Series Firmware	1.08	All	All	All
Operating System	Hp	700 Series Firmware	2.05	All	All	All
Operating System	Hp	700 Series Firmware	2.07	All	All	All
Operating System	Hp	700 Series Firmware	2.09	All	All	All
Operating System	Hp	800 Series Firmware	2.09	All	All	All
Operating System	Hp	800 Series Firmware	2.1	All	All	All
Hardware	Hp	Elitebook 725 G3	-	All	All	All
Hardware	Hp	Elitebook 745 G3	-	All	All	All
Hardware	Hp	Elitebook 755 G3	-	All	All	All
Hardware	Hp	Elitebook 820 G3	-	All	All	All
Hardware	Hp	Elitebook 840 G3	-	All	All	All
Hardware	Hp	Elitebook 850 G3	-	All	All	All
Hardware	Hp	Elitebook Folio 1012 X2 G2	-	All	All	All
Hardware	Hp	Elitebook Folio 1040 G3	-	All	All	All
Hardware	Hp	Elitedesk 705 G2 Dm	All	All	All	All
Hardware	Hp	Elitedesk 705 G2 Mt Sff	-	All	All	All
Hardware	Hp	Elitedesk 800 G2 Dm	-	All	All	All
Hardware	Hp	Elitedesk 800 G2 Twr	-	All	All	All
Hardware	Hp	Elitedesk 800 Sff	-	All	All	All
Hardware	Hp	Mp9 G2 Retail System	-	All	All	All
Hardware	Hp	Mt42 Mobile Thin Client	-	All	All	All
Operating System	Hp	Z238 Firmware	1.11	All	All	All
Hardware	Hp	Z238 Microtower Workstation N51	-	All	All	All
Operating System	Hp	Z240 Firmware	1.11	All	All	All
Hardware	Hp	Z240 Sff Workstation N51	-	All	All	All
Hardware	Hp	Z240 Tower Workstation N51	-	All	All	All
Hardware	Hp	Zbook 15u G3	-	All	All	All
Hardware	Hp	Zbook 15 G3	-	All	All	All
Hardware	Hp	Zbook 17 G3	-	All	All	All
Operating System	Hp	Zbook Firmware	1.03	All	All	All
Operating System	Hp	Zbook Firmware	1.04	All	All	All
Hardware	Hp	Zbook Studio G3	-	All	All	All
Operating System	Samsung	X14j Firmware	t-ms14jakucb-1102.5	All	All	All
Operating System	Zyxel	Gs1900-10hp Firmware	All	All	All	All

Vendor Declared Affected Products

Source	Vendor	Product	Version	Platforms
CNA	Na	N/a	affected n/a	Not specified

References

Reference	Source	Link	Tags
HP Commercial Notebook, Desktop, and Workstation Products Bug in Sure Start Lets Local Users Cause Denial of Service Conditions on the Target System - SecurityTracker	af854a3a-2127-422b-91ae-364da2661108	www.securitytracker.com
HP Support document - HP Support Center	af854a3a-2127-422b-91ae-364da2661108	h20565.www2.hp.com	Vendor Advisory
CVE Program record	CVE.ORG	www.cve.org	canonical
NVD vulnerability detail	NVD	nvd.nist.gov	canonical, analysis

No vendor comments have been submitted for this CVE.

There are currently no legacy QID mappings associated with this CVE.