CVE-2022-38396
Summary
| CVE | CVE-2022-38396 |
|---|---|
| State | PUBLIC |
| Assigner | [email protected] |
| Source Priority | CVE Program / NVD first with legacy fallback |
| Published | 2023-02-12 04:15:00 UTC |
| Updated | 2023-04-25 16:01:00 UTC |
| Description | HP Factory Preinstalled Images on certain systems that shipped with Windows 10 versions 20H2 and earlier OS versions might allow escalation of privilege via execution of certain files outside the restricted path. This potential vulnerability was remediated starting with Windows 10 versions 21H2 on October 31, 2021. |
Risk And Classification
Problem Types: NVD-CWE-noinfo
NVD Known Affected Configurations (CPE 2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Operating System | Microsoft | Windows 10 1507 | - | All | All | All |
| Operating System | Microsoft | Windows 10 1511 | - | All | All | All |
| Operating System | Microsoft | Windows 10 1607 | - | All | All | All |
| Operating System | Microsoft | Windows 10 1703 | - | All | All | All |
| Operating System | Microsoft | Windows 10 1709 | - | All | All | All |
| Operating System | Microsoft | Windows 10 1803 | - | All | All | All |
| Operating System | Microsoft | Windows 10 1807 | - | All | All | All |
| Operating System | Microsoft | Windows 10 1809 | - | All | All | All |
| Operating System | Microsoft | Windows 10 1909 | - | All | All | All |
| Operating System | Microsoft | Windows 10 2004 | - | All | All | All |
| Operating System | Microsoft | Windows 10 20h2 | - | All | All | All |
References
| Reference | Source | Link | Tags |
|---|---|---|---|
| Potential Escalation of Privilege in HP Factory Preinstalled Windows 10 20H2 Images | HP® Customer Support | MISC | support.hp.com | |
| CVE Program record | CVE.ORG | www.cve.org | canonical |
| NVD vulnerability detail | NVD | nvd.nist.gov | canonical, analysis |
No vendor comments have been submitted for this CVE.
There are currently no legacy QID mappings associated with this CVE.